Man Behind Password Requirements Admits He Was Wrong

Avery Thompson

Updated August 8, 2017 at 3:27 PM

It's tough to create a good, secure password. It's tough to even agree on what makes a password strong in the first place, but most of the websites you'll visit probably recommend numbers, capital and lowercase letters, and probably a random symbol or two. This was the recommendation of Bill Burr, who created those password guidelines while working for the National Institute of Standards and Technology back in 2003.

Now, almost 15 years later, Burr finally admits he made a mistake. In an interview with the Wall Street Journal, Burr expressed his regrets for giving advice he now realizes was flawed.

The problem isn't that passwords with random numbers and symbols in them aren't secure. They can be, especially if a random password generator is used to create secure passwords. The problem is that humans suck at remembering passwords filled with random numbers and symbols, so they typically create simpler passwords that are easier to guess.

If you've ever had to come up with a "secure" password, you probably did the same thing as almost everyone else-pick the first word that comes to mind and substitute a few numbers and symbols for letters. An O becomes a zero, a 1 becomes an exclamation point, and now you have what looks like an impossible-to-crack password.

But you're not the only one doing this, which means that hackers routinely try to guess these common substitutions. These simple instructions double as a handy guide for attack by password crackers. Ironically, Burr's password security guidance actually ended up making passwords less secure.

Burr's admission comes at a time when "secure password advice" is becoming mostly irrelevant. There are several services like LastPass and OnePass that will generate secure passwords for you and remember them so you don't have to. And hopefully in a few years we'll have replaced passwords entirely with some other sort of tech all together.

Of course, all of this is pointless if you don't care about having a strong password in the first place.

Source: Wall Street Journal via The Verge

You Might Also Like

Yahoo Sports
NFL Draft: Packers fan upset with team's 1st pick, and Lions fans hilariously rubbed it in
Not everyone was thrilled with their team's draft on Thursday night.
22h ago
Yahoo Sports
NFL to allow players to wear protective Guardian Caps in games beginning with 2024 season
The NFL will allow players to wear protective Guardian Caps during games beginning with the 2024 season. The caps were previously mandated for practices.
7h ago
Yahoo Sports
Michael Penix Jr. said Kirk Cousins called him after Falcons' surprising draft selection
Atlanta Falcons first-round draft pick Michael Penix Jr. said quarterback Kirk Cousins called him after he was picked No. 8 overall in one of the 2024 NFL Draft's more puzzling selections.
4h ago
Yahoo Sports
Carolina Panthers owner David Tepper stopped by Charlotte bar that criticized his draft strategy
“Please Let The Coach & GM Pick This Year" read a sign out front.
9h ago
Yahoo Sports
Korey Cunningham, former NFL lineman, found dead in New Jersey home at age 28
Cunningham played 31 games in the NFL with the Cardinals, Patriots and Giants.
9h ago
Yahoo Sports
Based on the odds, here's what the top 10 picks of the NFL Draft will be
What would a mock draft look like using just betting odds?
4d ago
Yahoo Sports
Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill
Vincent Goodwill and Tom Haberstroh break down last night’s NBA Playoffs action and preview several games for tonight and tomorrow.
2d ago
Yahoo Sports
Fantasy Baseball Waiver Wire: Widely available players ready to help your squad
Andy Behrens has a fresh batch of priority pickups for fantasy managers looking to close out the week in strong fashion.
14h ago
Yahoo Sports
Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion
The Red Sox were already mourning the loss of Tim Wakefield from that 2004 team.
6d ago
Yahoo Sports
Jackson Holliday sent back to Triple-A after struggling in first 10 games with Orioles
Holliday batted .059 in 34 at-bats after being called up April 10.
7h ago
Autoblog
UPS and FedEx find it harder to replace gas guzzlers than expected
Shipping companies like UPS and FedEx are facing uncertainty in U.S. supplies of big, boxy electric step vans they need to replace their gas guzzlers.
2d ago
Yahoo Sports
Ryan Garcia's win over Devin Haney raises more questions than answers
Ryan Garcia showed up for Saturday night’s fight against Devin Haney in New York as a 6-1 underdog. He also showed up several pounds heavy, towing behind him what seemed to be some heavy psychological baggage. And then he won.
5d ago
Autoblog
These are the cars being discontinued for 2024 and beyond
As automakers shift to EVs, trim the fat on their lineups and cull slow-selling models, these are the vehicles we expect to die off soon.
3d ago
Yahoo Sports
Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal
Dan Wetzel, Ross Dellenger & SI’s Pat Forde react to the huge performance this weekend by Texas QB Arch Manning, Michigan and Notre Dame's spring games, Jaden Rashada entering the transfer portal, and more
4d ago
Yahoo Sports
Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions
Reid's deal reportedly runs through 2029 and makes him the highest-paid coach in the NFL.
4d ago
Yahoo Sports
NBA playoffs: Who's had the most impressive start to the postseason? Most surprising?
Our NBA writers weigh in on the first week of the playoffs and look ahead to what they're watching as the series shift to crucial Game 3s.
1d ago
Yahoo Sports
The Buzz: Fantasy baseball's polarizing hitters — is Mike Trout really back?
Fantasy baseball analyst Scott Pianowski breaks down some of the trickiest batters to gauge so far this season in the latest edition of The Buzz.
1d ago
Yahoo Life
Here’s when people think old age begins — and why experts think it’s starting later
People's definition of "old age" is older than it used to be, new research suggests.
5d ago
Yahoo Finance
Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock
Trump is entitled to an additional 36 million shares if the company's share price trades above $17.50 "for twenty out of any thirty trading days" over the next three years.
3d ago
Yahoo Sports
Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal
Cortés' attempt didn't fool Andrés Giménez, who fouled off the pitch.
6d ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

Man Behind Password Requirements Admits He Was Wrong

Recommended Stories

NFL Draft: Packers fan upset with team's 1st pick, and Lions fans hilariously rubbed it in

NFL to allow players to wear protective Guardian Caps in games beginning with 2024 season

Michael Penix Jr. said Kirk Cousins called him after Falcons' surprising draft selection

Carolina Panthers owner David Tepper stopped by Charlotte bar that criticized his draft strategy

Korey Cunningham, former NFL lineman, found dead in New Jersey home at age 28

Based on the odds, here's what the top 10 picks of the NFL Draft will be

Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill

Fantasy Baseball Waiver Wire: Widely available players ready to help your squad

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

Jackson Holliday sent back to Triple-A after struggling in first 10 games with Orioles

UPS and FedEx find it harder to replace gas guzzlers than expected

Ryan Garcia's win over Devin Haney raises more questions than answers

These are the cars being discontinued for 2024 and beyond

Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

NBA playoffs: Who's had the most impressive start to the postseason? Most surprising?

The Buzz: Fantasy baseball's polarizing hitters — is Mike Trout really back?

Here’s when people think old age begins — and why experts think it’s starting later

Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal