The IT expert responsible for suggesting people use complex passwords and change them regularly says he regrets the advice - adding it "drives people bananas".
Bill Burr wrote the guidelines for password security for the US National Institute of Standards and Technology in 2003 and suggested passwords were changed every three months and should include a range of characters.
Websites have a multitude of password requirements with some needing passwords including upper and lower case letters, while others ask for non-alphanumeric characters such as question marks and percentage signs.
Speaking to the Wall Street Journal, Mr Burr said: "Much of what I did I now regret.
"It just drives people bananas and they don't pick good passwords no matter what you do."