“Your password must contain at least one special character, an even number and a capital letter”. Painful, right? Especially since these stringent requirements we all know so well are based on... well, not much at all, really. In 2003, Bill Blur, a federal executive in the United States, was under pressure from his bosses to update them on IT security. As he himself freely admits, he advised them to always include special characters in passwords... without any logic or evidence to back it up. On the contrary, it appears longer passwords are much harder to crack than shorter passwords full of special characters. The moral of the story? Better to use passwords like "I love pistachio spaghetti” than “ch0colat$98”.