News Worms

Your Password Doesn't Need To Be So Complicated

In June, a new group at NIST rewrote the guidelines, dropping the 90-day expiration advice and also the requirement for special characters. Periodic password changes can make passwords hard to remember for those needing access to dozens of systems, who might then waste time requesting a password reset whenever they've forgotten one.

Most people make minor changes that are easy to guess, he laments. NIST now recommends using long passphrases instead of complicated alphanumeric passwords, and only refreshing them if they've been breached.

But Burr said in an interview with the Wall Street Journal that his theory came unstuck in practice, and that his 2003 manual was "barking up the wrong tree". He says that long, easy-to-remember passwords are the safest bet for consumers, and that passwords should only be changed if there is any sign that they have been compromised.

In reality, partly as a result of the NIST advice and the guidance offered by tech firms, people tend to just pick something short and memorable that meets the criteria needed. Gerhard says: "The other thing people will do is use the same password everywhere, which is a really, really bad idea". Burr said that numerous password rules he came up with weren't actually that helpful.

Contrary to what was expected, these combinations made systems less secure, as users switched to using the same combination for multiple services, or simply stuck a piece of paper with the password on the edge of their computer screen.

You've probably followed this go-to password strategy countless times online: a letter, number, at least one uppercase letter and a special character.

Burr's original password guidelines have now been updated by NIST standards-and-technology adviser Paul Grassi, who found that the existing rules "actually had a negative impact on usability".

Using biometric log-in methods, such as Apple's Touch ID and Samsung's iris-scanning technology, can also provide an additional layer of protection, as can two-factor authentication (entering additional codes from another device to prove it's you).

Burr was not a security expert, and the 72-year-old bureaucrat is now apologising for what he has done. Not only are hackers aware of the subtle tweaks, such as numbers that appear in the middle of words in a password, they have them built into their scripts to break the codes.

Informally classify the systems you access and set your own password policies accordingly.
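The following sketch is an added example, not code from NIST or from the article. It contrasts the old composition rule with a verifier-side check in the spirit of the revised guidance: length, a blocklist that sees through common tweaks, and rejection of a new password that is only a minor change of the old one. The blocklist, the character-swap table and the function names are constructed for illustration, and the 8-character minimum comes from NIST SP 800-63B rather than from this article.

```python
import re

# Constructed sample blocklist; a real verifier would load a breached-password corpus.
BLOCKLIST = {"password", "letmein", "qwerty", "welcome"}
# Common character swaps (assumed set, not taken from the article).
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "l",
                      "0": "o", "$": "s", "5": "s", "7": "t"})
MIN_LENGTH = 8  # minimum from NIST SP 800-63B, not stated in the article


def old_composition_rule(pw):
    """Legacy rule: lower case, upper case, digit and special character."""
    classes = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    return len(pw) >= MIN_LENGTH and all(re.search(c, pw) for c in classes)


def base_word(pw):
    """Undo the usual tweaks: case, trailing digits/symbols, character swaps."""
    core = re.sub(r"[\d\W_]+$", "", pw.lower())
    return core.translate(LEET)


def new_guidance_check(pw, previous=None):
    """Return the reasons to reject pw; an empty list means it is accepted.

    previous is the current password, which the user types in when changing
    it, so the verifier never needs a stored plaintext copy.
    """
    reasons = []
    base = base_word(pw)
    if len(pw) < MIN_LENGTH:
        reasons.append("too short")
    if pw.lower() in BLOCKLIST or base in BLOCKLIST:
        reasons.append("derived from a blocklisted password")
    if previous is not None and base and base == base_word(previous):
        reasons.append("minor change of the previous password")
    return reasons


if __name__ == "__main__":
    for candidate in ("P@ssw0rd1!", "maple kettle orbit lantern"):
        print(candidate, old_composition_rule(candidate),
              new_guidance_check(candidate))
    print(new_guidance_check("Summer2018!", previous="Summer2017!"))
```

The tweaked dictionary word satisfies the old rule yet is rejected by the blocklist check, while the long passphrase fails the old rule and passes the new one.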
