Over the years, you’ve probably heard a few different suggestions on how to create strong passwords, one of which was pioneered by Bill Burr, formerly of the National Institute of Standards and Technology. However, he’s now saying that his method for creating secure passwords might actually make you more vulnerable. Yikes.
Related: How to create safe, secure passwords.
In a recent interview with the Wall Street Journal, Burr discussed how his original recommendations, which were to replace letters with symbols (like 3asyL1keSund@yMorn!ng), look complicated, but were actually easy to guess. (Though my Lionel Ritchie reference might not be what most people usually use — think their names, kids’ names, the word password.)
And even though he recommended you change your passwords every 90 days, most people would really only do small changes like add number, which again, very easy to guess.
Instead of Burr’s method, you should do what we’ve been recommending for years: a series of connected words that make sense to you but have no meaning to anyone else. That makes them easy for you to remember — turtle-moana-gecko-leia — but actually pretty difficult to crack. And do not use the same password twice, which is pretty difficult considering how many passwords we need these days.
You can also use something like 1Password, which Liz swears by (please note they are now an affiliate but we’ve been recommending them for ages), which houses all your accounts, then generates individual passwords every time you need to login. It does take a little time to set up, for obvious reasons, but once you do, you’ll have everything in one place.
No typing in a series of words 14 times and then locking yourself out of an account. (Not just me, I know!)
And hey, while you’re at this whole change-your-password thing, teach your kids how to do this too. If you’ve got kids old enough to use gadgets on their own, then they’re old enough to learn how to create passwords, and also, why you don’t tell anyone else what they are.