As recently as 2012, tech experts recommended that people change their digital passwords once a month, at minimum. Unfortunately, this advice, shared as frequently and haphazardly as inspirational quote memes on Facebook, overshadowed the more important advice: Choose a password that is hard for hackers with sophisticated software to guess.
A strong password is the key to securing your personal information. If changing your password frequently causes you to select an easy-to-guess password, choose the strongest password you can and keep it for months at a time. That's better than having a weak password.
How strong are your passwords?
Your passwords are probably weak if you use:
- the same password for more than one site (or worse, for all your accounts).
- a word you can find in the dictionary.
- a personal philosophy or phrase that means something to you. If "workhardplayhard2015" is your password, hackers and people you know won't have to work very hard to discover it.
- the name of a pet, significant other, child, or parent.
- the word "password," (or any form of it, such as "pass" or "password1,") or a combination of sequential numbers.
- any sequence with consecutive repeating words or letters.
Your password should not be easy to read, follow a pattern, or be obvious to anyone out of diapers. If your password breaks any of these rules, or is on this "worst password" list, change it right now.
Long Live the Passphrase
Forget "words" altogether and choose a passphrase. Expert hackers can break a 10-character passcode in less than a week; adding an extra five characters makes it substantially harder. The longer your passcode is, the more secure it is.
You can use a password generator to create a password for you if you're stuck. But, with a little thought and creativity, it's easy to select that holy grail of passwords that is both easy for you to remember and difficult for others to guess.
Select a phrase that means something to you. Then, substitute some of the letters with numbers and symbols. For instance: MsCareerGirlGivesTheBestAdvice could become M5Car#erGir1Give$Th3Be$t@dv1ce. That's a strong password nearly impermeable to hackers and stalker ex-boyfriends alike.
If the end result is a bit much for you to remember, it's okay to write your password down and keep it in a secure place (NOT on Post-it note stuck to your laptop) or use a password manager to store your passwords.
Other Good Reasons to Change Your Password
You might also want to change your passwords if you broke up with someone, had a roommate move out, left your job, or had a falling out with a friend you used to trust. If any of these people had access to any of your passwords (maybe by reading them off those Post-it notes on your desk) or if you shared a computer, change your passwords right away. Don't forget to change your wireless router password, too.
Similarly, if you logged in to an online account on someone else's device and can't remember if you unchecked "Remember this password" or logged out, change the password just to be sure.
If one of your accounts was hacked, don't bother changing your password, just open a new account. Otherwise, hackers can trace your account modifications to break in again. In addition to this, you should change passwords to all your other accounts just to be safe.
Which Passwords to Change More Frequently
Experts used to advise computer users to change their passwords frequently under the assumption that hackers might break into an account and then wait months to do any damage. Chances are, if a hacker gets your banking information, he's emptying your account immediately and booking a flight to Cabo, not waiting around for months.
However, you should change passwords more frequently on accounts that hackers or people you know are more likely to monitor, such as your email and Facebook. Hackers can use these sites to collect personal information about you, which will make it easier for them to break into your financial accounts, where the profits await.
Staying One Step Ahead of Hackers
It's not easy to stay one step ahead of data breaches. If corporations like Target, eBay, and AOL have all been hacked in recent years, along with 47 percent of individuals, the odds are good you'll be a victim at some point. Strong passwords remain your first line of defense, so set up some good ones right now.