Best Practices for Passwords Updated After Original Author Regrets His Advice, by Nick Statt, The Verge


Did you ever use the word “password” as your password or work for someone who did? Maybe you added “1” at the end to make it more difficult to crack? Before we knew about the dangers of Internet hacking, we often used the same password for everything.

Now most of us use intricate passwords with upper and lowercase letters, numbers, and symbols, and never use the same password twice. Why? Because people like Bill Burr told us that was the best way to stay secure on the Internet.

Unfortunately, using irregular capitalization, numbers, and special characters made our passwords easier to predict. We made it worse. We got lazy. When we changed our passwords, we would often replace only a character or two at most. This made our passwords easier to crack and did little or nothing to make them more secure.

Now Mr. Burr encourages us to ignore his earlier advice, even though some of these complex passwords have stood the test of time. Unless you use a password generator, the advice now is to use random phrases that have no apparent connection. Happily, they are easier to remember and harder to crack at the same time. -CCE