Opinion: How often should you change your password?

Discussion in 'other security issues & news' started by ronjor, Nov 11, 2010.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
    Bruce Schneier
     
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    2 words. Password Manager. Anybody that is still writing their passwords down should be smacked. And if your password changes just update the password manager, which can usually generate one for you. It doesn't matter if I have to change any of my passwords. The only one is know is the one for the password manager. Don't use the same password for 2 different accounts. People are making this too hard. o_O
     
  3. ABee

    ABee Registered Member

    Joined:
    Jun 2, 2010
    Posts:
    330
    I'm in complete agreement. I've changed no password in years.
    The ones I've always used still work, and they haven't been compromised.

    Schneier posted this already quite some time ago, btw.
    Guess he decided to re-post and give it a fresh date.

    Then how would you propose recovering passwords if the computer or hard drive should go kaflooey?

    The writing down of them is not the problem, it's where that information is then stored that makes for a good/poor security practice.
     
  4. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    The only time I change it is when I suspect my account has been compromised.

    Also use LastPass for non-important sites (not banking or e-mail).
     
  5. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    You would be out of luck if you only had one copy. A good question if you only have one copy. I have a desktop, a laptop and an external drive that all have a copy of the password database. Having only one written copy could have the same outcome if you only have one copy and lost it in a fire or the dog found your sticky note and ate it. *puppy*

    As for changing passwords I agree that there is no point unless you suspect your password may have been discovered by someone. It won't do a lot against someone trying to crack it. The one you change to may be easier than the one you had.
     
  6. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    Another who agrees on not changing passwords. The only time I change any of my passowrds is if I think they might have been comprimised and at a couple of places I log in to that decide for me. The worst is one that requires I change my password every 60 days. While that is an annoyance, it's not a real problem. I just use my password manager to generate the new password. I'm not worried lossing all of my passwords, automated daily backups (to other media) and manual backups after making changes to the passsword store in my password manger ensures I will have copies.
     
Loading...
Thread Status:
Not open for further replies.