You’ve heard it all when it comes to creating hard-to-guess passwords. Use a mix of upper- and lower-case letters. Be sure to include special characters. Change your passwords every three months. These recommendations have created a messy alphabet soup of passwords for many people, who then get frustrated and constantly have to reset forgotten passwords. But there’s hope for a better way as experts are revising what it takes to have secure passwords.
The U.S. government’s National Institute of Standards and Technology recently issued a new set of password guidelines and it changes some of the advice we used to take for granted. While the guidelines are meant for government agencies, private businesses have adopted the NIST suggestions in the past, so this could be the start of a major sea change in how passwords are handled.
This should come as a relief to people who struggle with managing their passwords and meeting all the esoteric requirements we’ve been told to use. Check out the latest tips for safe passwords:
Use a phrase
Passwords guru Bill Burr used to work for the U.S. government to develop password guidelines. He’s one reason why we all use special characters, mixed cases, and numbers. Now, he’s a proponent of the passphrase, a string of words that you can easily remember, but that will be hard for anyone else to crack. Click here to see why passphrases work more effectively than a random selection of letters.
The new NIST guidelines suggest allowing users to create passwords up to 64 characters in length with an allowance for spaces between words. While many people just try to meet the bare minimum requirement of using eight characters, you will get a much stronger password by stretching things out.
This means a totally new approach to passwords where you could use your pets’ names from childhood, like “fluffy princess rex spike booboo chewie,” or all the streets on the way to your favorite restaurant, like “academy main washington ohio central.” Easy to remember. Hard to crack.