advertisement
advertisement
advertisement

The authority on passwords is tossing one of the most annoying password rules

A strong password has at least one capital letter, one number, and one special character, right? Not according to Bill Burr, who devised those rules as a manager at the National Institute of Standards and Technology in 2003. Now retired, Burr tells the Wall Street Journal that he regrets much of his original guidance, including the use of odd characters and routine password changes. Meanwhile, NIST now suggests a lengthy phrase that’s unique but easy to remember–echoing a classic XKCD comic from a few years ago–with no need to change passwords unless there’s evidence of a security breach. Whether your bank will stop nagging you to insert needlessly crazy symbols into your password from here on is another matter.JN