Set it and forget it. That’s how most people approach passwords. This is what hackers are banking on. That’s why it is important to change your password frequently. But when should I change my password?
How often should you change your passwords? Cybersecurity experts recommend that you change your password at least once every three months. You may need to change your password immediately if you have been hacked.
This article will discuss these situations and provide some tips on how to protect your passwords.
When do you need to immediately change your password?
Although 90 days is an ample amount of time between password changes, there are certain situations when you will need to change your password immediately.
When your account has been hacked
It’s crucial to change your password immediately if you suspect someone has hacked into your account. Did anyone in your address list receive an email that appears to be from you? Change your email password. Did a Facebook friend receive a new friend request from you? You need to change your password. Changing your password immediately will help to limit the time that a cybercriminal has access to your account.
After a Data Breach
You should change the passwords for any affected accounts if there is a password breach at your workplace or at a company with which you do business. You will also need to change the password on any other websites where you use that same password. Hackers who gain access to your password may try it on other websites.
After using an unsecured network
Try to log out of your secure accounts whenever possible when you are using public Wi-Fi, such as in a café or library. Unsecured networks are generally considered public – your activity on them will also be public. You should change your password if you use an unsecured network.
A VPN such as Cyberghost or McAfee Secure VPN can be a good option. It automatically activates to protect your credit card and personal data even if you are using public Wi-Fi.
When you find malware
If malware infects your computer, it could put your personal information at risk. You should change your passwords from another device if you discover malware. Using trusted antivirus software can help alert you to malware.
After you have removed people from your account
Relationships can change. If you share an account like Amazon or Netflix with someone you no longer have contact with, change those passwords immediately. And obviously, your ex doesn’t need access to your bank through the web or mobile app. Change the password immediately.
You have accounts that you no longer use
If you have an account that you haven’t used in the past year, it’s a good idea to change the password. And if you don’t use the account, close it.
How to make a strong password
Hackers can be deterred when you use a strong password on your accounts. So, what makes a strong password? These are some criteria but also read this article for a more in-depth discussion about creating a strong password.
- It is used for one account only. It’s easy to use the same or similar password for multiple accounts. However, if a hacker is able to gain access through one password, they will more easily be able to gain access to other accounts with the same or a similar password.
- It should be at least 12 characters long. To make it easy to remember, use a lyric from a song, poem or rhyme (for example, “herewegoroundthemulberrybush”). You can also abbreviate the words of a sentence (e.g., “my favorite book of all time is Lord of The Rings by JRR Tolkien” becomes “mfboatilotrbjrrt”).
- Make it complex. You should include at least one capital letter, one number and one symbol. A computer can quickly guess a password that contains eight letters. A 12-character password containing at least one uppercase letter, one lowercase letter, a number and a special character will take 34,000 years to crack. Some websites allow you to create a passphrase. This can be a string of words up to 100 characters in length.
- It should be difficult to guess. You should not use personal information such as your initials or nickname, street address, or child’s or pet’s names.
- It shouldn’t use common words. Common words include “password” and “qwerty”. You’d be amazed at how many people use “password123” or “123456”. Cybercriminals would not be.
What are some of the most common methods passwords can be hacked?
Cybercriminals can employ a variety of strategies to gain access to your passwords. These are the most popular.
- Guesswork: Password security requires unique passwords that do not include personal information.
- Shopping for passwords on the dark web: Search engines do not index the dark web, and most dark web activities are not traceable, including the sale of passwords.
- Phishing: A hacker sends an email that looks like it is from a trusted source in order to trick the recipient into entering their password.
- Malware: Hackers could infect a device using malicious software that gives them access to personal data including passwords.
- Shoulder surfing: This could happen if sticky notes with your passwords are left on your desk, or in a coffee shop.
- Spidering: These bots search the internet looking for personal information.
- Brute force attack: A bot tries thousands of passwords in an attempt to find the right one.
How do you protect your online passwords?
Password complexity is only the beginning when it comes to protecting your data. These are some additional tips to help you keep your passwords secure.
Do a password audit
Check the passwords on all accounts. You should not use the same password for multiple websites. Check to see if your passwords can be guessed. Do they contain personal information such as addresses or birthdays? You should change passwords that you discover are weak or repeated.
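The audit described above can be scripted against a local export of your accounts. This is an added example, not part of the original article: it applies the article's criteria (12-character minimum, mixed character classes, no common words, no personal information, no same or similar password across accounts). The sample vault, the personal-information list and the similarity rule (compare passwords after dropping digits and symbols) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample data: account -> password. Not real credentials.
VAULT = {
    "email": "Summer2023!",
    "bank": "summer2023",
    "forum": "password123",
    "shop": "Rex!ElmStreet42",
    "stream": "T7#qLm!29xRw&b",
}
COMMON = {"password", "qwerty", "123456"}   # common words named in the article
PERSONAL = {"rex", "elm street"}            # constructed pet name and street
CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")


def skeleton(pw):
    """Reduce a password to its letters so near-duplicates compare equal."""
    return re.sub(r"[^a-z]", "", pw.lower()) or pw


def audit(vault, personal=PERSONAL, common=COMMON, min_len=12):
    """Return {account: [findings]} for the criteria the article lists."""
    groups = defaultdict(list)
    for account, pw in vault.items():
        groups[skeleton(pw)].append(account)
    report = {}
    for account, pw in vault.items():
        low = pw.lower().replace(" ", "")
        findings = []
        if len(pw) < min_len:
            findings.append("short")
        if not all(re.search(c, pw) for c in CLASSES):
            findings.append("not-complex")
        if any(word in low for word in common):
            findings.append("common-word")
        if any(item.replace(" ", "") in low for item in personal):
            findings.append("personal-info")
        shared = sorted(a for a in groups[skeleton(pw)] if a != account)
        if shared:
            findings.append("reused-with:" + ",".join(shared))
        report[account] = findings
    return report


if __name__ == "__main__":
    for account, findings in audit(VAULT).items():
        print(f"{account:8} {', '.join(findings) or 'ok'}")
```

Any account with a non-empty findings list is a candidate for a password change; "Summer2023!" and "summer2023" are reported as reused because they differ only in case and a symbol.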
Use multi-factor authentication
Multi-factor authentication can be set up for financial institutions and other important accounts, including social media platforms. To log in to a website using two-factor authentication, you will need to input a code sent via text or email, or received via a mobile app like Authy or Google Authenticator. This code is entered in conjunction with your username and password to authenticate your identity.
Multi-factor authentication may be required for some accounts. Moving forward, we will see more use of biometric factors such as thumbprints and face scans to authenticate users. Since multi-factor authentication is more secure than simply using long and complicated passwords, it’s wise to add it to your online accounts where possible.
Use a password manager
A password manager that protects your passwords with strong encryption can help you prevent unauthorized access to your online accounts. You can also use its password generator to create complicated passwords while safely storing them.
A password manager like Keeper can help you generate new passwords to replace weak or outdated ones. The password manager will keep track of your passwords and sign you into apps and websites with one master password.
The Final Score
It is good practice to change passwords frequently. But that can be a daunting prospect. We all would rather just set it and forget it. That’s where a password manager can help you track passwords, securely store them, and change them when needed. However, there are times when you should immediately change your passwords, as discussed above. This will help avoid leaving your accounts exposed and your identity vulnerable to theft. So, should you experience any of these events, change your password for the impacted account immediately. Be smart and stay safe.