G+_George Kozi Posted August 19, 2018 Share Posted August 19, 2018 Originally shared by nixCraft Some useful advice from Maastricht University about your password Link to comment Share on other sites More sharing options...
G+_Tim Box Posted August 19, 2018 Share Posted August 19, 2018 I'm not sure changing your passwords is good. Better you use a password app and have very hard passwords. So hard only the app would remember than keep changing them. Every time you change you make it simpler to remember. Link to comment Share on other sites More sharing options...
G+_John Mink Posted August 21, 2018 Share Posted August 21, 2018 Tim Box I see that as a false choice. It's a question of mitigating risk. If you're worried about password reuse attacks (as you should be) than unique complicated passwords are the way to go. However, if you're worried about a password getting leaked and you not knowing about the leak, then changing your password will help with that. Complicated passwords are significantly harder to crack but offer no protection once your password is known. Best security is to use a password manager (or other super complicated and non-resued passwords) AND regularly change your password. But that's burdensome because most websites don't allow you to do that easily, and most people don't want to track that. So, if constantly changing your password will result in a weaker password, I tend to agree... but it doesn't HAVE to. Link to comment Share on other sites More sharing options...
G+_Tim Box Posted August 21, 2018 Share Posted August 21, 2018 John Mink As I said "Better you use a password app and have very hard passwords." If your password get hacked then it's just the one site and 99% of sites at least hash them so it's going to be hard. In my days in a big company you would end up using the same password and changing a number at the end every time you were forced to change them. Even the man who started the change your password frequently says now its a bad idea A nice article on it from wired wired.com - Want Safer Passwords? Don't Change Them So Often | WIRED Link to comment Share on other sites More sharing options...
G+_John Mink Posted August 21, 2018 Share Posted August 21, 2018 Tim Box I think we're arguing two separate but similar points. For someone doing what you describe (changing the number at the end, to match the month for instance, so the password is technically different...as I too have seen people do) then yes, they're better of not changing them. If you're using a password manager and having it generate the password based on the ruleset provided by the company...then by all means, change it as often as you can. But maybe you're right as this poster is meant for the average person who isn't using a password manager anyway. So maybe "change it often" would be taken as "don't make it too complicated". In that case, I'm with you. Link to comment Share on other sites More sharing options...
G+_Dennis Dowd Posted August 25, 2018 Share Posted August 25, 2018 I don't wear underwear. Link to comment Share on other sites More sharing options...
Recommended Posts