Most people have been taught to change passwords often, at least every 90 days, and to use phrases like: L0tz0fB34RZ! (roughly "Lots of Bears!"). These "best practices" are so widely accepted that one can go to almost any company anywhere and find them being used.

But, as it turns out, these password rules do more harm than good. And the man behind them feels sort of bad about it.

Bill Burr, the security specialist who wrote an influential guide on authentication security for the National Institute of Standards and Technology (NIST) in 2003 that spurred these practices, has been walking back some of his advice.

"Much of what I did I now regret," Burr told the Wall Street Journal recently.