The IT expert responsible for suggesting people use complex passwords and change them regularly says he regrets the advice – adding it “drives people bananas”.
Bill Burr wrote the guidelines for password security for the US National Institute of Standards and Technology in 2003 and suggested passwords should be changed every three months and include a range of characters.
Websites have a multitude of password requirements with some needing passwords including upper and lower case letters, while others ask for non-alphanumeric characters such as question marks and percentage signs.
Speaking to the Wall Street Journal, Mr Burr said: “Much of what I did I now regret.
“It just drives people bananas and they don’t pick good passwords no matter what you do.”
Security experts have regularly reiterated in the wake of various cyber attacks that password security remains one of the industry’s biggest issues.
Simplistic passwords, and their use across multiple accounts, is often cited as one of the biggest causes of widespread cyber breaches – as once account details are compromised in one place that information could then be used to access a range of different accounts.