February 8, 2017
If you work in an organization that has you signing in to your computer every single time you need to work on it, you may have noticed that you get notifications every few months or so to update or change your password. The reason behind this regular change in passwords is to essentially prevent people from accessing your computer and whatever is in it with a password that you have been using for ages. The periodic changing of passwords has been encouraged for a while now, however it has been noted recently that constantly doing this is not that beneficial to you or your data’s security.
Why do some people discourage frequent password changes these days? Here are some reasons why:
It reduces the strength of your passwords – constantly changing your password requires that you memorize the new one every single time. This means that not only will it end up confusing you after a few changes (or locks you out of your computer), but it will also mean that in order for you to easily remember each new password, you will usually create less complex alphanumeric combinations.
This means that your passwords won’t have the same complexity and difficulty to guess factor it used to have. You may also end up using the same password across numerous accounts – your email, online banking, gaming accounts, and many more. This is for you to easily remember the complex password that you created without having to worry about typing in the wrong one, and this can pose a threat to not only one password protected portal but all the accounts that use the same key.
Hackers do not wait months to use a password they steal – when a hacker gets a hold of one of your passwords, they usually use this as soon as they have it. They do not sit around waiting for something else to happen before they cash in on what they got. This means that changing passwords periodically is not really going to help you that much.
It is advisable however that should you be alerted to a security breach, that you change your password immediately. This is especially important if you use one or two passwords across numerous platforms and accounts. If you have a hard time remember different passwords for different accounts, use a password keeper or password manager for this.
So, should you forgo password changes altogether or is the practice of changing these alphanumeric codes still worth keeping? Although it is indeed a good idea to change your passwords every now and then, every few months is not as good an idea as it used to be. It is recommended that you change your password only when alerted of a security breach in your system, or once every 6 to 12 months, instead of the usual 90 days that most systems require.
The reason why you should change your passwords just once or twice in a year is to ensure that you do create harder to crack codes. Try not to reuse old passwords on other sites or accounts simply because you can. Using unique passwords for all your various accounts is also advisable, and since it would be difficult to remember 10 to 15 unique passwords that are changed annually, you should also have a reliable password management app or system for this.