Are you overwhelmed by having to remember too many passwords? Why do some experts recommend using special characters like %, $, or @? Do you really have to change your password every 90 days? Which password method will keep your accounts and data safe from hackers?
Do you ever just feel like you’ve fallen into the password abyss?
Welcome to our new blog series, “The Great Password Debate!”
If you’re sick and tired of being sick and tired of keeping up with password complexity advice — which says to maintain dozens of unique special-character passwords that change every 90 days — you’re not alone. Bill Burr, who helped first come up with these password standards for National Institute of Standards and Technology (NIST), is right there in the password abyss with you:
“I have maybe 200 passwords. I can’t remember all those obviously […] It’s probably better to do fairly long passwords that are phrases or something like that that you can remember than to try to get people to do lots of funny characters.”
Currently, most authenticators make users create a combination of numbers, letters and symbols for a “safe” password. However, Mr. Burr has stated recently that he believes making passwords more complicated is NOT the best way to protect your information. He now recommends longer, simpler, and more unique phrases—and, apparently, so do the recently updated NIST standards.
So, what are you to do? Go with the tried and true methods of the past ten years, or step out with the new password approach? In our upcoming blog posts, we’ll delve into this issue, presenting various password rules and seeing how they compare with the latest suggestions from security experts. It promises to be a very L1v3LY D38473.