The author of rigorous wachtwoordeisen regrets
Bill Burr, a former U.s. official who in 2003 a set of strict requirements for computerwachtwoorden fielded, says that he regrets his influential work.
Burr proposed the National Institute of Standards and Technology (NIST), an opinion, in which he inter alia called for a lot of numbers and special characters to use in passwords, and to regularly change.
The standards of NIST have a lot of influence within the American government and in the private sector. By the earlier document of Burr was for many agencies and companies are obliged to regularly all passwords are to be replaced, and character combinations to use that are difficult to remember.
“I now regret much of what I’ve done,” says the 72-year-old Burr Tuesday at the Wall Street Journal. In June, NIST a new version of his opinion on which major changes were implemented.
In practice, it seems that a lot of people in the obligatory password changes only make slight adjustments, for example, by one digit to change. Also, the requirements meant that a lot of people are easy to guess passwords like ‘W4chtw00rd!’.
According to experts, it is better to take a long, but easy to remember password to use, than a shorter more complex password. A password consisting of four random words after each other, for example, difficult to crack.
“It was probably too complicated for many people to understand, and to be honest I had a wrong approach,” says Burr is now on his advice. “People go crazy and they choose to still not have good passwords, what you do.”