{"id":102538,"date":"2020-11-01T11:00:00","date_gmt":"2020-11-01T08:00:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/should-you-change-your-passwords-regularly\/"},"modified":"2020-11-01T11:00:00","modified_gmt":"2020-11-01T08:00:00","slug":"should-you-change-your-passwords-regularly","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/should-you-change-your-passwords-regularly\/","title":{"rendered":"#Should You Change Your Passwords Regularly?"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2d3104b55f0\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2d3104b55f0\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/should-you-change-your-passwords-regularly\/#The_Theory_of_Regular_Password_Changes\" >The Theory of Regular Password Changes<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/should-you-change-your-passwords-regularly\/#The_Downsides\" >The Downsides<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/should-you-change-your-passwords-regularly\/#Why_Changing_Passwords_Wont_Necessarily_Help\" >Why Changing Passwords Won\u2019t Necessarily Help<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/should-you-change-your-passwords-regularly\/#When_You_Do_Want_to_Change_Passwords\" >When You Do Want to Change Passwords<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/should-you-change-your-passwords-regularly\/#Focus_on_Useful_Advice\" >Focus on Useful Advice<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#Should You Change Your Passwords Regularly?&#8221;<\/strong><\/p>\n<div>\n<img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"password-expiration-should-you-regularly-change-your-password\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2014\/04\/xpassword-expiration-should-you-regularly-change-your-password.jpg.pagespeed.gp+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.E9tOoCTOvY.jpg\" alt=\"password-expiration-should-you-regularly-change-your-password\" width=\"650\" height=\"300\" border=\"0\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<p>\u201cChange your passwords regularly\u201d is a common piece of password advice, but it isn\u2019t necessarily good advice. You shouldn\u2019t bother changing most passwords regularly \u2014 it encourages you to use weaker passwords and wastes your time.<\/p>\n<p>Yes, there are some situations where you\u2019ll want to regularly change your passwords. But those will probably be the exception rather than the rule. Telling typical computer users they need to regularly change their passwords is a mistake.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_Theory_of_Regular_Password_Changes\"><\/span>The Theory of Regular Password Changes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Regular password changes are theoretically a good idea because they ensure someone can\u2019t acquire your password and use it to snoop on you over an extended period of time.<\/p>\n<p>For example, if someone acquired your email password, they could log into your email account regularly and monitor your communications. If someone acquired your online banking password, they could snoop on your transactions or come back in several months and attempt to transfer money to their own accounts. If someone acquired your <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Facebook<\/a> password, they could log in as you and monitor your private communications.<\/p>\n<p>Theoretically, changing your passwords regularly \u2014 perhaps every few months \u2014 will help prevent this from h<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ening. Even if someone did acquire your password, they\u2019d only have a few months to use their access for nefarious purposes.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"changed-all-my-passwords-to-incorrect\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2014\/04\/xchanged-all-my-passwords-to-incorrect.jpg.pagespeed.gp+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.f27C7efVxe.jpg\" alt=\"changed-all-my-passwords-to-incorrect\" width=\"650\" height=\"366\" border=\"0\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_Downsides\"><\/span>The Downsides<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Password changes shouldn\u2019t be considered in a vacuum. If human beings had infinite time and perfect memory, regular password changes would be a fine idea. In reality, changing passwords imposes a burden on people.<\/p>\n<p>Changing your password regularly makes it harder to remember good passwords. Rather than create a strong password and commit it to memory, you must attempt to remember a new password every few months. Users who are forced to regularly change their password by a computer system may end up appending a number \u2014 so they may use password1, password2, and so on.<\/p>\n<p>It\u2019s hard enough to change your password regularly for a single account and remember your new password each time. But we all have many passwords \u2014 imagine having to change your password regularly and constantly remember unique, strong passwords for a large number of services.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>Why You Should Use a Password Manager, and How to Get Started<\/em><\/strong><\/p>\n<p>It\u2019s already basically impossible to choose strong, unique passwords for every website and remember them \u2014 that\u2019s why we recommend using a password manager like LastPass or KeePass. If you change your password every few months, you\u2019ll likely end up using weaker passwords and reusing them across multiple websites. It\u2019s much more important to use strong, unique passwords everywhere than to change your password regularly.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"password-written-down-on-sticky-note\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2014\/04\/xpassword-written-down-on-sticky-note.jpg.pagespeed.gp+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.UOxs02-DSR.jpg\" alt=\"password-written-down-on-sticky-note\" width=\"650\" height=\"531\" border=\"0\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why_Changing_Passwords_Wont_Necessarily_Help\"><\/span>Why Changing Passwords Won\u2019t Necessarily Help<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Regularly changing your password won\u2019t help as much as you might think. If an attacker gains access to your accounts, they\u2019ll most likely use their access to cause damage right away. If they gain access to your online banking account, they\u2019ll log in and attempt to transfer money out rather than sit and wait. If they gain access to an online shopping account, they\u2019ll log in and attempt to order products with your saved credit card information. If they gain access to your email, they\u2019ll likely use it for spam and phishing, or attempt to reset passwords on other sites with it. if they gain access to your Facebook account, they\u2019ll probably attempt to spam or defraud your friends immediately.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>Who is Making All This Malware &#8212; and Why?<\/em><\/strong><\/p>\n<p>Typical attackers won\u2019t hold onto your passwords for an extended period of time and snoop on you. That\u2019s not profitable \u2014 and attackers are just after profit. You\u2019ll notice if someone gains access to your accounts.<\/p>\n<p>Changing your password regularly is also essential if you use the same password everywhere, because it\u2019s likely your password is constantly being leaked when one of the services you use is compromised. Rather than change that single password regularly, you should deal with the real problem here and use unique passwords everywhere.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; padding-top: 0px; padding-left: 0px; display: inline; padding-right: 0px; border: 0px;\" title=\"adobe-password-database-compromised\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2014\/04\/xadobe-password-database-compromised.png.pagespeed.gp+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.wHxY2vCueS.png\" alt=\"adobe-password-database-compromised\" width=\"648\" height=\"425\" border=\"0\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"When_You_Do_Want_to_Change_Passwords\"><\/span>When You Do Want to Change Passwords<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Changing passwords can help if someone who isn\u2019t a traditional attacker has access to your account. For example, let\u2019s say you shared your Netflix login credentials with an ex \u2014 you\u2019ll want to change your password so they can\u2019t use your account forever. Or, let\u2019s say someone close to you gained access to your email or Facebook password and used your password to spy on you. When you change your passwords, you\u2019re primarily preventing this sort of account sharing and snooping, not preventing someone on the other side of the world from gaining access.<\/p>\n<p>Regular password changes can also be valuable for some work systems, but they should be used with thought. IT administrators shouldn\u2019t force users to change their passwords constantly unless there\u2019s a good reason \u2014 users will just start using weak passwords, writing down passwords, or even switching back and forth between two favorite passwords.<\/p>\n<p><strong>RELATED:<\/strong> <strong><em>Heartbleed Explained: Why You Need to Change Your Passwords Now<\/em><\/strong><\/p>\n<p>Password changes in response to specific events are a good thing, of course. It\u2019s a good idea to change your passwords on websites that were vulnerable to Heartbleed but have now patched it. Changing your password after a website has its passwords database stolen is also a good idea.<\/p>\n<p>If you are reusing passwords for different websites, changing your password on all those sites is a good idea if one of those sites is compromised. But this is the worst thing you can do \u2014 the real solution here is using unique passwords, not constantly changing your shared password to a new one on all the services you use.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border: 0px;\" title=\"heartbleed\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2014\/04\/xheartbleed.jpg.pagespeed.gp+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.v8ePVpT5hi.jpg\" alt=\"heartbleed\" width=\"640\" height=\"640\" border=\"0\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Focus_on_Useful_Advice\"><\/span>Focus on Useful Advice<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><strong>RELATED:<\/strong> <strong><em>Ask How-To Geek: What&#8217;s Wrong With Writing Down Your Password?<\/em><\/strong><\/p>\n<p>The problem with advising people to change their password regularly is that it\u2019s such distracting advice. Using strong, unique passwords everywhere is already almost impossible advice to do if you\u2019re not using a password manager to remember them for you. Two-factor authentication is also helpful as it can prevent your accounts from being accessed even if someone steals your passwords. Rather than tell people to regularly change their passwords, we should be passing on useful advice like \u201cuse unique passwords everywhere\u201d \u2014 something most people don\u2019t presently do.<\/p>\n<p>This isn\u2019t the only piece of advice we disagree with. For most home users, writing down some passwords is actually not a bad idea \u2014 it\u2019s definitely better than reusing the same password everywhere.<\/p>\n<hr\/>\n<p>We\u2019re not the only ones advising against regular, indiscriminate password changes. Security expert Bruce Schneier has written about why <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/www.schneier.com\/blog\/archives\/2010\/11\/changing_passwo.html\">changing passwords regularly isn\u2019t good advice<\/a>, while Microsoft Research has also concluded that <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"http:\/\/www.pcmag.com\/article2\/0,2817,2362692,00.asp\">changing passwords regularly is a waste of time<\/a>. Yes, there are some situations where you may want to do this \u2014 but passing on advice like \u201cchange your passwords every three months\u201d to typical computer users is doing more harm than good.<\/p>\n<p><small>Image Credit: <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"http:\/\/www.flickr.com\/photos\/tinfoilraccoon\/153585408\">rochelle hartman on Flickr<\/a>, <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"http:\/\/www.flickr.com\/photos\/toaireisdivine\/9415848746\">Lulu Hoeller on Flickr<\/a>, <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"http:\/\/www.flickr.com\/photos\/jopoe\/6378526057\">Joanna Poe on Flickr<\/a>, <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"http:\/\/www.flickr.com\/photos\/snoopsmaus\/13762970893\">snoopsmaus on Flickr<\/a>, <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"http:\/\/www.flickr.com\/photos\/medithit\/10099612343\">medithIT on Flickr<\/a><\/small><\/p>\n<\/div>\n<p><script>\n setTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s) } (window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n   fbq('init', '335401813750447');\n   fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener noreferrer\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.howtogeek.com\/187645\/htg-explains-should-you-regularly-change-your-passwords\/\" target=\"_blank\" rel=\"noopener noreferrer\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#Should You Change Your Passwords Regularly?&#8221; \u201cChange your passwords regularly\u201d is a common piece of password advice, but it isn\u2019t necessarily good advice. You shouldn\u2019t bother changing most passwords regularly \u2014 it encourages you to use weaker passwords and wastes your time. Yes, there are some situations where you\u2019ll want to regularly change your passwords&#8230;.<\/p>\n","protected":false},"author":1,"featured_media":102539,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.howtogeek.com\/thumbcache\/2\/200\/328b8310597b80fab3ac0dbfa9d5e30c\/wp-content\/uploads\/2014\/04\/password-expiration-should-you-regularly-change-your-password.jpg","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-102538","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/102538","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=102538"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/102538\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/102539"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=102538"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=102538"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=102538"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}