technology Real Talk About Passwords by: Aaron Rich, CEO of ARCITECHX IT Consulting
A
s a guy who runs an IT firm, I can assure you I may have taken Bill Burr’s name in vain a time or two. While most of you would probably say, “Who the
people across the globe for decades to come. Now retired from his life of bureaucracy, he has fessed up to not knowing what he
heck is Bill Burr?”, I would declare to you he is a person that has
was doing when he set the standard for password complexity that
single handedly made your lives more difficult on a DAILY basis.
creeps it’s way into our lives every day. Everything from your email
I’ll get to his apology in a bit. He is truly very sorry. Really, he feels
account to your bank login to your Amazon account to your TikTok
terrible about it.
login all have a standard that requires an uppercase character,
You see, Burr is the former manager at the US National Institute of
22
complexity rules across the web were founded, causing grief for
lowercase character, numeral, and special character.
Standards and Technology (NIST). In 2003, Burr drafted an eight-
One thing we can all agree on is that password complexity rules
page guide on how to create secure passwords called the “NIST
are annoying. As Burr retrospectively sums up his torturous ap-
Special Publication 800-63. Appendix A”. That innocuous sounding
proach to passwords “It just drives people bananas and they don’t
document was what outlined the standard by which our password
pick good passwords no matter what you do.”
BAY B I Z / W I N T E R 2021
