In 2003, Bill Burr, a manager at the U.S. National Institute of Standards and Technology, wrote an 8-page paper titled "NIST Special Publication 800-63. Appendix A." That document — which suggested people come up with obscure passwords with capital and lower-case letters plus symbols and change their passwords often — became the cornerstone of corporate password management and internet security conventional wisdom for more than a decade. Now, Burr, 72 and retired, has a confession and an apology, The Wall Street Journal reports. "Much of what I did I now regret," he said.
When he wrote those guidelines, Burr tried to find empirical data to base his recommendations on, but there wasn't any available; he also says he was under pressure to complete his paper quickly. But thanks to years of massive hacks and leaked passwords, researchers can see what kind of passwords people are using, and it turns out, people aren't as clever or original as they think. "Changing Pa55word!1 to Pa55word!2 doesn't keep the hackers at bay," notes the Journal's Robert McMillan.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
-
Today's political cartoons - November 24, 2024Cartoons Sunday's cartoons - taped bananas, flying monkeys, and more
-
The Spanish cop, 20 million euros and 13 tonnes of cocaineIn the Spotlight Óscar Sánchez Gil, Chief Inspector of Spain's Economic and Tax Crimes Unit, has been arrested for drug trafficking
-
5 hilarious cartoons about the rise and fall of Matt GaetzCartoons Artists take on age brackets, backbiting, and more
-
US charges Indian tycoon with bribery, fraudSpeed Read Indian billionaire Gautam Adani has been indicted by US prosecutors for his role in a $265 million scheme to secure solar energy deals
-
Boeing machinists approve contract, end strikeSpeed Read The company's largest union approved the new contract offer, ending a seven-week strike
-
US economy still strong in final preelection reportSpeed Read It grew at a solid 2.8% annual rate from July through September
-
Boeing machinists reject deal, continue strikeSpeed Read The rejection came the same day Boeing reported a $6.2 billion quarterly loss
-
Ports reopen after dockworkers halt strikeSpeed Read The 36 ports that closed this week, from Maine to Texas, will start reopening today
-
Empty-nest boomers aren't selling their big homesSpeed Read Most Americans 60 and older do not intend to move, according to a recent survey
-
Brazil accuses Musk of 'disinformation campaign'Speed Read A Brazilian Supreme Court judge has opened an inquiry into Elon Musk and X
-
Disney board fends off Peltz infiltration bidSpeed Read Disney CEO Bob Iger has defeated activist investor Nelson Peltz in a contentious proxy battle
