The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d! Bill Burr’s 2003 report recommended using numbers, obscure characters and capital letters and updating regularly—he regrets the error

Posted in: Internet Use/New Technologies at 09/08/2017 20:37

The man who wrote the book on password management has a confession to make: He blew it.

Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly.
...
Long, easy-to-remember phrases now get the nod over crazy characters, and users should be forced to change passwords only if there is a sign they may have been stolen, says NIST, the federal agency that helps set industrial standards in the U.S.
https://www.wsj.com/articles/the-man-who-wrote-those-password-rules-has-a-new-tip-n3v-r-m1-d-1502124118

Also see:

Creator of password safety admits he got it wrong
The complicated and easily forgotten password filled with random numbers and symbols is the bane of many office workers' lives.

And now the technology guru who came up with the rules on safeguarding personal information 14 years ago has admitted that his guidance was wrong.

Bill Burr wrote what has become the "bible" on password security in 2003 while working for the US government.
https://www.stuff.co.nz/technology/digital-living/95588716/man-responsible-for-making-passwords-such-a-pain-says-he-was-wrong

Read more now


Registrar Solutions