If you ever wanted someone to blame for having to change your password every 90 days – last week the world found out who that person is. Former National Institute of Standards and Technology manager Bill Burr recently admitted to the WSJ that his 2003 password guidelines were unnecessarily harsh. The new guidelines suggest removing the 90-day password refresh requirement and the requirement for special characters. Instead, it suggests to use a phrase of words that doesn’t make any sense, but is longer while still being easier to remember.
Love non-obvious stories? Get my weekly newsletter with stories like this one along with a short but useful analysis of why it matters … all delivered directly to your inbox every Thursday morning!