The more complex the password, the safer? Not sure!

The more complex the password, the better? Not sure, because that rule is in fact not safe, research has proven it to be true.

What is your email password? There is no need to answer, but often it will be long, hard-to-remember passwords, including numbers, letters, capital letters and non-alphabetical characters (@ #% $ . no term).

This is one of the password-setting rules issued by Bill Burr - managed by the National Institute of Technology Standards (USA). More specifically, the standard of Burr Bill is in Appendix A of the "NIST Special Publication 800-63" document , stating that each password should follow the above rules and need to be renewed every 90 days.

Picture 1 of The more complex the password, the safer?  Not sure!
Each password needs to be renewed after 90 days.

And now it is being seen as a guide to setting passwords for almost all websites worldwide. However, recently, Burr himself had to share in Wall Street magazine: "This is the decision that makes me regret the most."

According to Burr, at that time, he did not have enough data to study the security of such passwords. So, he assumed the more complex the password setting, the stronger and more secure it would be.

There are things: "After all, putting too complicated passwords makes users find it hard to remember, and most of all, we've approached the wrong way" - Burr said.

According to Burr's research, the password is too complicated, adding every 3 months to change once makes the user feel difficult to remember and must write it somewhere, to make security decrease go.

Picture 2 of The more complex the password, the safer?  Not sure!
After all, too complex password settings make it difficult for users to remember.

For example, the password "Tr0ub4dor & 3" , the look is complicated but it is very difficult to remember. Moreover, when trying to break a password using a computer, it only takes about 3 days to complete the password.

In addition, according to the research, in recent years the safety level of passwords has dropped very low. Partly due to careless users, but mostly because the hacker technology has increased dramatically.

So how is the password safe?

Burr said, a secure password does not lie in complexity, but in length . A password combined with four common but unrelated words, for example "correct horse battery stable" - the computer takes five centuries to break it.

Picture 3 of The more complex the password, the safer?  Not sure!
Secure passwords are not in complexity, but in length.

Also, an important point when setting a password is not to use the same passwords for multiple accounts. This inadvertently also reduces your security, because only one account is exposed, it will create a domino effect. Think of the scene of having to change the password of all accounts - maybe dozens, you will see it as an opinion.

In summary, the rule here is simply a long enough password - over 12 characters, difficult to guess, not too complicated, and do not set the same password for different accounts.