Jul 14, 2011

When was the last time you changed your password?

My boss doesn't want any passwords to ever change - which is a very bad security policy. Experts say that you should not use the same password with more than one account [which is impossible if you link your Facebook account to everything], and that you should use passwords with at least 8 characters that include upper case, lower case, numbers, and symbols. I last changed my password 3 months ago - which means it's probably time to change it again.

Here's a good article that tells you how to create strong passwords.

How To Create Strong Passwords That You Can Remember Easily

"Creating strong passwords for all your online accounts is not a thing you should do. It is a thing you must do. Two months ago, my Google account was hacked into. The hackers changed my password and blocked my access to the account. Luckily, I discovered this early and got Google to change my password via my secondary email account.

Last week, the MakeUseOf Google account was also hacked into and the hacker had the audacity to transfer the MakeUseOf domain out and blackmail the owner. In case you are still thinking that your password is strong and safe, maybe it’s time to wake up."

There's also a belief that it's better to use passphrases instead of passwords, because that makes them harder to crack, since you can't run a standard dictionary attack on a passphrase. I last changed my password to a passphrase in January. How often should I change my password? Once a month sounds like a real pain.
