Password Safety Gets a Major Overhaul
Last week came a piece of advice that’s directly applicable to Oklahoma City real estate matters. To a greater or lesser degree, it also impinges on every one of your online accounts that attempt to safeguard your privacy—for instance, when you log into your account here on my Oklahoma City real estate site.
The news is about web passwords and security. For more than a decade we have been offered a choice:
If we care about our security—that is, the possibility of being hacked by internet bad guys—we’ve been cautioned to create passwords with long combinations of obscure characters (like ^,@, !, or %) interspersed between capital and lowercase letters and numbers—preferably in an order which makes no sense at all. And to change them every 90 days.
The other choice was to throw caution to the winds, cross our fingers, and make our passwords simple and memorable.
This advice originated with the National Institute of Standards and Technology in a pamphlet written by a mid-level manager named Bill Burr. Last week, Mr. Burr—who is now 72—admitted that much of the old advice was misguided. The recommended complexity had actually had a negative effect. “Much of what I did,” he said, “I now regret.”
So what ARE the new rules for creating your passwords—for my Oklahoma City real estate site and all the other password-protected sites? The new, rewritten guidelines suggest long, easy-to-remember phrases. The Wall Street Journal reported that “correct horse battery staple” (written as one long word) would take 550 years to crack, as opposed to the three days it would take to break “TrOub4dor&3.”
And better yet: forget about changing those passwords all the time. Change them only if there is an indication they’ve been stolen. It’s not every day that life gets easier—but this looks like it could be one of them.
Another way to make life easier when Oklahoma City real estate matters are at hand: check in with me. When you call me at the office, you won’t even need a password!