May 4, 2016
Very few people are without one online account or another that requires the use of a password. Almost everyone in this day and age has an email, a social media account, or something that they need to access via a computer or their mobile device on the internet. Each account will require a username or log-in and a password.
Those who work in offices also have accounts they need to keep safe with passwords. Their individual access to tools needed to do their work, tracking forms and work emails, all come with passwords that will allow them to use what they need. In most situations, companies make it mandatory for each person to change passwords once every six months. The question is, is this truly necessary?
You may have heard about the recent breach of security of LinkedIn, with the professional social network asking account holders to change their password. This alone will definitely make people want to change passwords every now and then. There are some however who think that passwords should only be changed occasionally, and the reason they cite for this is that the more often you change these passwords, the more likely you are to replace strong passwords with weaker ones.
Those who are required to refresh passwords every few months or so know that when they are asked to change these codes, they are not allowed to recycle old ones. They are not also allowed to use all alphabetic or all numeric passwords. These new passwords need to be alphanumeric and with a special symbol to make these strong.
The constant change however can be very trying on a person, both in remembering and thinking of new strong passwords for their use. This is where the problem arises. Not only will people start forgetting what their new passwords are, especially if they need to change quite a few of these every few months, but they will start choosing easier to remember ones, which will make their accounts vulnerable.
This is probably why a lot of people discourage the constant changing of passwords. Some people think that changing your passwords should only be done when you have experienced a breach of your account, while a few think that you should only change your password when you are advised to do so (i.e. there is advise from higher ups to do so for your protection). There are also a few who believe that changing passwords is actually useless when it comes to financial and bank account log-ins since those who try to get into these do not really wait for a long period of time before using whatever passwords they get their hands on that very same day.
In reality, those who try to get into financial institutions rarely use passwords to access such accounts, but rather use hacks and backdoors to get what they want from these. So, is changing passwords really necessary? It usually depends on what your company requires, or in the case of personal accounts, which ones have been breached.
If you find your social network accounts having been used by others (probably because you left it open on a public computer somewhere without logging out or someone hacked it), then by all means, change your passwords and apply all security settings that are being suggested. If you broke off with someone that you feel may use your email and other password protected accounts to do something bad, then you should also change your passwords. For other situations however, the choice is up to you. Just make sure that when you change these codes, you remember what these are, what your retrieval procedures and answers are, and to keep passwords for each account unique from each other as much as possible.