His advice has been widely adopted by internet security companies and IT departments. It is responsible for tortuous phrases such as "P@55w0rd" or "Football123" to satisfy password forms, as well as workers having to create a new phrase every 90 days.
But computer experts say instead of improving security, the combinations make systems less secure. Complex passwords are difficult to remember and users end up using the same one repeatedly on different websites, or writing them down on Post-it notes.
The introduction of numbers and symbols also fails to make passwords any less vulnerable to hackers. So-called "brute force" cyber attacks, in which a computer program cycles through every possible combination of characters to guess a password, are not slowed down by numbers or capital letters, but depend on how long a phrase is.
"Much of what I did I now regret," Burr, who is now retired, told the Wall Street Journal. "In the end, it was probably too complicated for a lot of folks to understand well and, the truth is, it was barking up the wrong tree."