Finally some sense in the world of online security
EDITORIAL: So we've been doing it all wrong all this time. What an utter and total relief.
Because if we had been doing it right then we'd have to admit the right way was driving us nuts.
Bill Burr, the recognised godfather of online passwords, has done an about face and admitted his 2003 advice to fill our near countless digital passwords with random numbers, capital letters and symbols to protect us from evil hackers was poppycock.
Thank you Bill. Passwords are one of the small but powerful irritants of the digital age and most of us had a hunch they were useless anyway.
Quite how the genius of robot and human hackers could have been undone by an uppercase letter and a number or two was never really clear. Especially when the most common password was either a person's first name followed by the year of their birth or Password123.
Bill admits that now. Admits his advice actually made it easier for hackers.
Now Bill says an uncrackable password is all about the length of the phrase and passwords should indeed be referred to as passphrases. So "horsecarrotsaddlestable" is far superior (and easier to remember) than MrSm!th79 and whereas Mr Smith would be hacked by "botnets" in minutes, horsecarrotsaddlestable would be safe for a trillion years. Literally.
This is fantastic news. Because even though passwords are on their way out and will soon be replaced with the likes of thumbprint, retina and facial scanners, we're going to be stuck with them for some time yet.
And they have become unmanageable beasts.
They worked fairly well when you had one computer to log into but now it would not be unusual for one person to have at least three digital devices that need a username and password. Once those are entered there are the other usernames and passwords needed every time you want to book a hotel, buy a shirt or simply watch a TV programme online.
It was getting to the point where passwords were taking up as much of our grey matter as that we dedicate to speech. Or so it felt.
With Burr's added advice that passwords don't need to be changed unless there is evidence of tampering, it could just be that the next passphrase you come up with might be the last you ever need.
Obviously we've gone ahead and baggsed horsecarrotsaddlestable, so you'll just have to try and come up with something else to see you through the next few years.