Password guru regrets past advice - BBC News

Current guidelines no longer suggest passwords should be frequently changed, because people tend to respond by making only small alterations to their existing passwords - for example, changing “monkey1” into “monkey2”- which are relatively easy to deduce.

Furthermore, it has been demonstrated that it takes longer for computers to crack a random mix of words - such as “pig coffee wandered black” - than it does for them to guess a word with easy-to-remember substitutions - such as “br0k3n!”.

Pass-phrases are the way to go. Easy to remember and harder to guess.

#protip #securitynews