The Drawbacks of a Frequent Password Reset

By Jane C

Today, we are increasingly more aware of cybersecurity, whether it’s about our social media accounts, e-mails, or even banking apps. Passwords are still our only and, therefore, the best option to protect our online accounts and privacy. ExpressVPN’s study investigates how often people change their passwords. The results show that they spend several hours a year on that task.

Wasting precious time

People spend an average of four minutes when resetting their passwords. In the past, most cybersecurity experts agreed that we should reset our passwords frequently, at least several times a year. The logic behind this is that if the password is compromised, cyber criminals will have control over the account for a relatively short time. There are still companies where changing passwords every three months is mandatory as protection against cyber criminals.

But is that necessary, or is it just a waste of time? 

In the last few years, most experts have concluded that we shouldn’t change our passwords unless we assume they’ve  been compromised. 

If you assume someone has been tampering with your account, reset your password as soon as possible. The same goes for if you discover malware, if you used an unsecured network, or if you don’t longer use accounts. 

Strong passwords

People need to be made aware of the importance of having strong passwords. It is popular to use common passwords, even nowadays. There are different reasons behind that. Some people are not familiar with the risks weak passwords entail and the concept of cyber security in general. Some are willing to take that risk because memorizing one weak password over several strong ones is easier. 

-It is helpful to remember what such a password should contain:

-At least eleven charactersA mixture of letters and numbers 

-A mixture of both uppercase and lowercase letters

-At least one special character, e.g., ! @ # ? ]

Using password managers is the best way to manage your passwords. A password manager is a computer program or an app that stores, generate, and manages users’ passwords. Password managers are also efficient as a defense against phishing and pharming.

Reset it or not?

If you already made sure that your passwords are difficult to crack or even went the extra step and always used a different password for all online accounts, one question remains: Should you reset your passwords frequently, and how frequently? According to Google, you should change your passwords every three months. Most sites and articles say the same, with a few exceptions. Still, some cybersecurity experts propose that users who often change their passwords make their accounts easily hackable. 

Conclusion

As technology advances, so do the hackers’ techniques to guess and steal passwords. 

In conclusion, recent studies show periodic password changes have no positive impact on cybersecurity. This is because most cyber attacks have more to do with weak passwords and phishing or malware and have little to do with password age.