P455w0rd man Bill Burr says 50rry for 'bananas' advice

Share

Burr recommended adding numbers, capital letters, exclamation marks and other special characters to passwords, advice that was adopted by organizations, companies, government agencies and educational institutions across North America.

It advised using capital letters, numbers and non-alphabetic symbols in passwords, in the belief that they would be more hard to uncover.

To be clear, the 8-page password advice he created while working in middle management at the National Institute of Standards and Technology is one of the leading reasons many current passwords can be such a pain to remember.

As per a report in Washington Post, Bill Burr's work, the "NIST Special Publication 800-63".

"Much of what I did I now regret", said Mr. Burr, 72 years old, who is now retired.

However, the rules, which include urging IT departments to encourage users to recreate passwords every 90 days, rather than securing systems have made them more vulnerable because users either end up using the same passwords repeatedly or write them on post-it notes affixed to their monitors.

Selena Gomez Will Be in Woody Allen's Next Film
She has taken on more serious roles before, such as 2012's Spring Breakers , but this will be her biggest film to date. That drama stars James Belushi, Juno Temple, Justin Timberlake , and Kate Winsletthe and is set in 1950s Coney Island.

Paris attack: police hunt driver who ploughed into soldiers on patrol
The soldiers were leaving their barracks at the Place de Verdun in Levallois-Perret when they were knocked down by the vehicle. The vehicle appeared to clearly target the soldiers but the motive remains unclear, a spokesperson for the Paris police said.

Liberty Global PLC (LBTYA) Shares Gap Down on Disappointing Earnings
Schwab Charles Investment Management Inc. boosted its stake in shares of Liberty Global PLC by 23.4% in the first quarter. Liberty Global plc - Class C Ordinary Shares (NASDAQ:LILAK) has declined 52.34% since August 8, 2016 and is downtrending.

Password decryption easiness is a significant factor in cyber security schemes nowadays, many of which don't even have to resort to software to make the right guesses. Complex passwords are hard to remember, they add, while users end up using the same one repeatedly on different websites, or writing them down on Post-it notes.

Burr's original guidelines were published almost 15 years ago, when he worked at the National Institute of Standards and Technology.

Now the National Institute of Standards and Technology has set more modern guidelines which says passwords should be long and easy to remember and should only be changed if you think they have been compromised. Originally published back in 2003, this document laid down guidelines for creating secure passwords and implementing password policy at corporations. The NIST's revised tips say users should pick a string of simple English words - and only be forced to change them if there's been evidence of a security break-in.

"We ended up starting from scratch", Grassi said.

Over time, however, that strategy has been shown to be fairly ineffective, especially when compared to passwords that are just words strung together.

Share