
Father of passwords regrets the advice he gave

Commentary: Bill Burr thought he gave the right advice about password creation. He's decided he was wrong.

Technically Incorrect offers a slightly twisted take on the tech that's taken over our lives.



Random isn't as random as you thought.

Leon Neal / Getty Images

The people who offer wisdom sometimes sit down a little later and think: "Oops." This seems to have happened to Bill Burr. 

The former National Institute of Standards and Technology manager is regarded as the father of the modern password.

In 2003, he advised all government departments that passwords should be an entirely random string of letters and symbols. The sorts of things that (you'd imagine) no one could guess and you could never remember. 

It turned out that these are easier for hackers to crack than, say, weird words that you can actually remember. Like "gobbledegook." Or "nincompoop." (Not that I'm suggesting those precise words as passwords, you understand.)

Over the years, people seem to have used similar techniques to create their "random" combinations, which made them actually less random.

"It's probably better to do fairly long passwords that are phrases or something like that that you can remember than to try to get people to do lots of funny characters," Burr told CBS News.

He admitted he had regrets. "I think I could have done a better job of figuring out some of the things that we now know, or at least of guessing them," he said. 

Perhaps it's best not to be too hard on yourself, sir. Years ago, I thought we'd all end up working for Microsoft. I also watched every episode of "The Bachelor."

Still, what other wise thinking might we have been given in 2003 that doesn't look so wise now?

Why, the US seems to have advised itself in that year that it would be a good idea to invade Iraq. The Recording Industry Association of America filed copyright lawsuits against internet users for using the web to, gosh, download music. 

Bill Gates thought it might be exciting for Microsoft and Google to merge. And airlines thought that it was wise to withdraw Concorde from civilian flight.

When you look back, you mumble: "We think we're a lot smarter than we really are, don't we?"
