Changing your password too often may put you at greater risk.
When trying to understand how to best create strong passwords and consistently manage them, we are exposed to a variety of strategies that are promised to be the most effective way to protect our sensitive information. There are two rules that are currently advised – (1) use long passphrases instead of trying to come up with a random password (e.g. “I_l0ve_horses_the_m0st!”, and (2) use a password manager to generate unique passwords for each site and make the passphrase for that password manager strong (we recommend at least 12 characters)
However, an additional tip often suggested is that you should update your passwords frequently (e.g. every month), however, this is not advisable. Doing this may actually contribute to weaker password security because the more one is required to change their password, the lazier he or she becomes when creating them.
The only time you should change your passwords for a particular account is --
- If that account was hacked or the service associated with that account was breached
- There was unauthorized access into one of your devices or accounts
- A person you once shared in an account with is no longer using the account
- You logged into the account on a public computer
- It’s been a year or more since you changed the password
Contact Our Experienced Cybersecurity/Data Privacy Team
Cybersecurity measures are constantly evolving because cyber thieves are constantly adjusting their techniques to find new ways to steal information. Our team is focused on educating businesses on what data they possess and their regulatory and legal responsibilities as to that data to enable a focus on putting policies and procedures in place to ensure they are protecting that data and complying with all applicable laws.
Call today for a consultation with a cybersecurity/data privacy lawyer.
Think Twice Before Saving Your Password On Your Internet Browser
What Can You Do To Ensure Your Passwords Are Strong?