General question about passwords

January 9, 2017 at 12:08:05
Specs: several
The user guide for my new HP notebook has the usual
suggestions for passwords, including the suggestion to
"Change your passwords at least every 3 months."

I am skeptical that there is *any* realistic situation in
which changing a password on a regular or semi-regular
basis has any value. Can you think of one?

-- Jeff, in Minneapolis


See More: General question about passwords

Reply ↓  Report •


#1
January 9, 2017 at 14:27:09
It's all about Cyber Security. Where I work, we're forced to change passwords every 90 days. This includes our computer password, iPhone, & every single password protected program we use. Some of programs also require a randomly generated Secure ID code after the initial password is entered. A PIN is required to generate the ID code & if the code isn't entered within 60 seconds, a new code has to be generated.

Reply ↓  Report •

#2
January 9, 2017 at 15:45:45
So, do you think changing the passwords like that does
anything helpful? If so, what? Would it be better if you
changed the passwords every week? Every day? Every
90 minutes? How is every 90 days a good choice?

-- Jeff, in Minneapolis


Reply ↓  Report •

#3
January 9, 2017 at 18:32:31
If you have to enter a password on a website (over Internet) make sure the page is encrypted (HTTPS). otherwise you send a clear text, that any sniffer can display, over Internet.
FTP and TELNET are insecure protocols, never enter a password over Internet for these protocols

Make your password complex enough. No "dictionary" words or birthdays or any guessable combination, even if that is 20+ characters long. Use caps for some letters, add special characters (,./{}[]|\!@#$%^*()) and numbers.

If you suspect an attack, or are inform of one, change password(s).
There is no absolute security anymore. Even encrypted pages can be snooped on by government or malicious organizations if you have something they want from you!

Am I doing all that I listed above? NO! I'm not that paranoid yet...
My banking and company use 2 step authentication as RIIDER explained; a password that is changed every 90 days and if access over Internet; SMS or soft-generated pass-code.


Reply ↓  Report •

Related Solutions


Ask Question