What the H%*k? Password Guru Regrets Advice

The Wall Street Journal reports that Bill Burr, who worked for the US Government, in 2003 issued a guide on the best way to create strong passwords. Combine letters, numbers and symbols he said. Change it regularly he said. Burr now admits he messed up. “Much of what I did I now regret,” he says in the WSJ piece. He says he relied on a paper from the mid-80s, well before the Internet took off, and was pressured to issue his guidance quickly.

Why is he changing his tune? Well, apparently it is easier for hackers to break through something like Pa55word! than, for example, a series of four words connected without spaces. And it also appears there is no need to keep changing passwords without some evidence of it being hacked. There have been other similar incidents. Bill Gates, for example, in 2013 admitted he regrets the whole concept of “control-alt-delete” (he blames IBM).

So maybe my new password should be “passwordgururegretsadvice.”