When and how often to change your password is an age-old question in our industry. The reason people keep asking is probably that there is no straight answer. You need to change your passwords often, some more than others, but there are also times when changing your password may be a waste of time. Here are our recommendations for how often, and how, to change your passwords.
Changing passwords
The answer to “how often should you change your password?” is anywhere between monthly and twice a year. However, you need to be smart about your passwords so that you are actually protecting yourself, not just wasting time on a new password that may not increase your security. Here’s how to change your passwords effectively to protect yourself from being hacked.
Password mistake
The biggest mistake that people make is to generate their own password. You may have chosen a long sentence that means something to you, and then added numbers and symbols to make it harder to guess. However, when you generate your own password, and you have to change that password, the chances are that you will choose a password that is very similar to the last one. We get it; it needs to be impossible for hackers to guess, but not impossible for you to remember. However, if a hacker manages to get access to one of your old passwords, that similarity will make it much easier for them to figure out your new password.
Reduce damage by changing passwords
Although ransomware is hugely popular, there are plenty of security breaches that you won’t notice until the attackers have stolen a whole bunch of sensitive information from you and our clients. The more often you change your password, the less time hackers will have access to an old and compromised password. You can prevent a lot of damage by changing your passwords more often.
Duplicate passwords
When you create your own password, you also tend to repeat that password again and again. The more times your password is repeated across sites, apps, and software, the more vulnerable you are to being hacked. If you repeat passwords, a hacker only has to figure out one password to get access to multiple accounts. Make sure that you have individual passwords for your most high-risk data.
Password generator
Use a password generator for the most secure passwords and the highest level of security. All you need is one master password, and the generator will take care of the rest for you, making sure that you get individual passwords for all accounts. Password generators will create passwords using random numbers, symbols, and letters and then remember them for you. You will also get prompts about passwords that may be weak, or duplicated, as well as when it is time to change the password.
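The checks described above (random generation, flagging a new password that is only a variation of the old one, and flagging duplicates) can be sketched in a few lines of Python. This is an added example, not code from OnePointSync or from any particular password manager; the function names, the substitution table, and the 0.7 similarity threshold are assumptions chosen for illustration.

```python
import secrets
import string
from difflib import SequenceMatcher

ALPHABET = string.ascii_letters + string.digits + string.punctuation
# Undo common look-alike substitutions before comparing (assumed mapping).
LEET = str.maketrans("@4$5013!7", "aassoleit")

def generate_password(length=20):
    """Build a password from the OS CSPRNG with every character class present."""
    if length < 8:
        raise ValueError("length must be at least 8")
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in classes):
            return pw

def similarity(old, new):
    """Return 0.0-1.0: how much of the old password survives in the new one."""
    a, b = (s.lower().translate(LEET) for s in (old, new))
    return SequenceMatcher(None, a, b).ratio()

def is_variation(old, new, threshold=0.7):
    """True when the new password is a small tweak of the old one.
    The threshold is an assumption for this example."""
    return similarity(old, new) >= threshold

def find_reused(vault):
    """Map each password used by more than one account to those accounts."""
    seen = {}
    for account, pw in vault.items():
        seen.setdefault(pw, []).append(account)
    return {pw: sorted(accts) for pw, accts in seen.items() if len(accts) > 1}

if __name__ == "__main__":
    # Constructed sample data, not real credentials.
    vault = {"mail": "Summer2023!", "bank": "Summer2023!",
             "forum": "kV9#tq2L&xZr8!mWp4Yd"}
    print("reused:", find_reused(vault))
    print("variation:", is_variation("Summer2023!", "Summ3r2024!"))
    print("fresh is variation:", is_variation("Summer2023!", generate_password()))
```

The hand-made change from "Summer2023!" to "Summ3r2024!" scores about 0.91 and is flagged, which is the pattern an attacker holding the old password would try first.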
You don’t need to remember your passwords
The fact that you won’t even know the password to all of your accounts is an extra level of security. How can you give up your password if you don’t know it? Having a password generator remember all of your passwords also eliminates the need to write down passwords on a post-it and stick it to your computer. You’d be amazed at how many people still leave clues around with their passwords. The post-it is a great invention, but it can also betray you if you’re not careful.
Multi-factor authentication
Another security measure is to set up two-factor authentication (2FA) for an extra layer of security. Even if you know the username and password, you will still be asked for a piece of information that you, and only you, will have. This could be a code that is sent to your phone or to another account that you will have to access.
OnePointSync has complete IT and cybersecurity solutions for small and midsize businesses in Denver. Get a quote from an expert and secure your business.