Maximum PC - - QUICKSTART -

In 2003, the National Institute of Standards and Technology said passwords should contain upper and lower case letters, a number, a special character, and should be changed frequently. Many services insist you follow this format, leading to passwords that are difficult to rEm3mB%r. Bill Burr, the man behind the rules, has confirmed what many argue is correct: it’s about password length. Four random words are more difficult to crack, and easier to recall. NIST has issued new guidelines, which also suggest not changing passwords unless a security breach is suspected.

The old system created passwords that were cryptographically weak, but hard to use. “Much of what I did I now regret,” said Bill. To be fair, it was also our fault; we used common number substitutions, and simple base words. Don’t get too blasé, though— “mynewpassword” is still not good.
