Chances are you have one good password or a steady rotation of ‘solid’ passwords you use for various devices and website logins. Passwords are something we all rely on, and you’ve probably had a minor panic attack upon receiving an email about a ‘compromised password’ or a data breach.
Cyber security’s first and most basic step is to have a secure password. You’re likely also aware that passwords should not only be unique to you but hard to guess. There are some general rules to live by, including:
- Using combinations of capital letters, numbers, and special characters
- Not making them obvious or including personal details

Some experts argue that what people aren’t doing enough is changing their passwords periodically. So how often should you change passwords? Let’s explore that.
Many experts have previously recommended that people should try to update their passwords on websites at least once every three months.
Many cyber security experts now suggest that unless you are made aware of a password breach (or any cyber security breach), there is actually no real need to change your passwords regularly. If the password is strong and unique, this might be enough of a defense.
Two-factor authentication has made password security much more stable since its inception. While it can make for a slightly longer (and more demanding) setup, two-factor authentication keeps an account protected even when the password itself is easy to guess. With it enabled, hackers cannot get into an account with just the password. They also need other details and direct access to another device, which only the user has.
A password manager is also a great tool to heighten your cyber security. Password managers store all of your passwords in one secure location and help scan the dark web for potential threats.
Cyber security experts often notice people recycling old passwords without a password manager, as they fear forgetting newly created ones. They, in essence, make a rotation of go-to passwords. While this practice isn’t as problematic as having one password for all accounts, or worse yet, your birthday, it’s still not a great idea. Password managers do much of the heavy lifting for you, so you don’t have to rely on your memory! These experts also suggest that the less you log in to a website, the more vulnerable you are to hacking by cybercriminals. A password manager is the protection you need to keep private information safe from cybercriminals.
Here are some more concrete recommendations:
- If a company declares they’ve been the victim of a data breach, you should change your password immediately. If they indicate that their clients’ information has been compromised, you will typically be alerted by the company and need to act fast.
- By the time there is obvious evidence of unauthorized access to an account, it’s usually too late. If you suspect there have been attempts to access one or more of your accounts, change your passwords immediately. It’s always better to take preventative measures than to wait until the damage is done.
- If you often log into computers in public places, use public Wi-Fi, or share access to a device with several people, it’s generally a good idea to update your password monthly.
In summary, there’s nothing wrong with some ‘healthy’ paranoia when it comes to cyber security and changing passwords. Password managers and two-factor authentication are great weapons to fight for your online safety.