FBI Says Length Is More Important Than Complexity for Passwords
Will this end the age-long debate?
Ever since the creation of digital passwords, cybersecurity experts have been split into two camps: those who advocate for short but complex sequences, and those who believe it’s length that matters. Finally, in 2020, the FBI itself has spoken, perhaps settling the age-long debate once and for all.
Posting in its weekly tech column titled Tech Tuesday, the Bureau’s Portland office advised Internet users that longer passwords are more effective. “Instead of using a short, complex password that is hard to remember, consider using a longer passphrase,” said the FBI. “This involves combining multiple words into a long string of at least 15 characters. The extra length of a passphrase makes it harder to crack while also making it easier for you to remember.” The rationale behind the stance is that a longer password — despite not having special characters or complicated sequences — requires more computing power to crack, which hackers often lack.
The advice has academic backing as well. According to research back in 2015, computer science expert Eugene Panferov found that “the effect of increasing the length dwarfs the effect of extending the alphabet,” or in other words making a short password more complex.
In other tech news, a video of an iPhone 11 Pro Max running Apple’s iOS 14 has potentially leaked.
