Elaborate Computer Passwords Don't Keep Hackers Away; Guideline Creator Says
NEW YORK (CBSNewYork) -- Think your password is safe with all those special characters and symbols?
You might want to think again.
As CBS2's Reena Roy reported, the man responsible for creating password security guidelines has gone back on his word.
We do it all day every day; logging onto our computers, emails, apps, racking our brains to remember password after password.
"Upper case is the first one, I always have three numbers and usually an exclamation point at the end," Becca Alder said.
"I've got a couple different passwords. I try to have a capital letter, number, and special symbol as they call it," Sam Koppleman added.
On top of that, you're often required to change the password frequently.
It turns out all that time spent improving our passwords may not have been worth it.
Bill Burr, the man behind the tedious rules told the Wall Street Journal that his guidelines don't keep hackers away.
Burr wrote the so-called 'password bible' 14 years ago while working for the government's National Institute of Standards and Technology. The manual was completely turned upside down two months ago.
New suggestions include long, easy to remember phrases instead of funky characters, and changing passwords only when there is a concern that it has been stolen.
"That feels really confusing to me because you think hackers would know the basic information, so I guess I just have to simplify everything," Rebecca Ellis said.
So just change your password right? Well, it's not so easy.
Because of the original guidelines, most password prompts have special requirements. So even if you try and try again, you're still stuck with complicated characters.
So what do you do?
"Do the same thing with upper case, lower case, etc. But put it within a phrase instead of a word," cyber security expert, Paul Oster said.
Oster said the phrases are unique to you, and therefore harder for hackers to guess with their software. He said the update was only a matter of time.
"Hindsight is 20/20. What he came up with 20 years ago was great, but no one saw the exponential growth in cyber crimes," Oster said.
Oster said as technology continues to advance, we can expect password strategies to keep evolving. He also recommended never saving your passwords to your computer or phone.
