When was the last time you changed your password?


My boss doesn't want any passwords to ever change - which is very bad security policy. Experts say that you should not use the same password with more than one account [which is impossible if you link your Facebook account to everything], and use passwords with at least 8 characters that include upper case, lower case, numbers, and symbols. I last changed my password 3 months ago - which means it's probably time to change it again.

Topic: Security
Answer this Question


2 total
Vote Up (32)

There's also a belief that it's better to use pass phrases instead of passwords, because that makes it harder to crack since you can't run a standard dictionary attack on a passphrase. I last changed my password to a passphrase in January. How often should I change my password? Once a month sounds like a real pain.

Vote Up (27)

Here's a good article that tells you how to create strong passwords.

How To Create Strong Passwords That You Can Remember Easily

"Creating strong passwords for all your online accounts is not a thing you should do. It is a thing you must do. Two months ago, my Google account was hacked into. The hackers changed my password and blocked my access to the account. Luckily, I discovered this early and got Google to change my password via my secondary email account.

Last week, the MakeUseOf Google account was also hacked into and the hacker had the audacity to transfer the MakeUseOf domain out and blackmail the owner. In case you are still thinking that your password is strong and safe, maybe it’s time to wake up."

Ask a question

Join Now or Sign In to ask a question.
Among six major U.S. cities, CSOs are paid the most in San Francisco and New York, but factoring in the cost of living makes Denver and Chicago the best bang-for-the-buck places.
Apple's iOS 8 addresses a serious weakness that could allow attackers to hijack the wireless network authentication of Apple devices and gain access to enterprise networks.
Legislation introduced in the U.S. Senate on Thursday aims to place limits on access by U.S. law enforcement agencies to emails and other communications stored abroad.
Two online advertising networks, Google's DoubleClick and Zedo, have been delivering malicious advertisements that could install malware on a person's computer, according to the security vendor Malwarebytes.
Google is turning on data encryption by default in the next version of Android, a step that mirrors broad moves in the technology industry to ensure better data security.
CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.
Samsung on Thursday announced price reductions and updates for its Knox security and management software for IT shops and a free My Knox service that is directly available to professionals using ActiveSync.
The breach of Home Depot's payment systems may have compromised 56 million payment cards as a result of malware that has since been eliminated, the company said Thursday.
Apple outlined its new privacy policy and set up a site to explain what information it collects from users and how it handles it, as the company enters new areas like health tracking and mobile payments that have potential privacy implications.
Yelp has agreed to pay US$450,000 to the U.S. Federal Trade Commission to settle charges that the company accepted registrations to its services from children under 13 through its apps.
Join us: