Changing passwords frequently? It’s not worth it

Frequently changing passwords can cause us to choose passwords that are easier to remember and therefore potentially more vulnerable

Advising experts and security forces sometimes don't walk on the same path. In some cases, there's even a risk of them colliding. And that's where we users come in, with our doubts, favorite victims of hackers.

The question is: who should we listen to? Many Internet users, especially Americans, have been faced with this question after a tweet published by the FBI on November 25. The federal police invited users, on the occasion of the opening of Christmas shopping, to change passwords more frequently. Experts, however, do not agree at all: changing access keys continuously can have the opposite effect. The reason is very simple: people would tend to choose passwords that are easier to remember and therefore less difficult for hackers to discover.

Securing your data

Among the many people who don't think like the FBI we find Per Thorsheim, the founder of the first conference on passwords, who entrusted his thoughts to the Motherboard website. According to the expert, constantly changing passwords is a bad habit. Let's go back to the starting point. Who is right? The truth is always in the middle. Changing your password is a bad idea only when you then replace it with another one that is simple and easy to remember, and this unfortunately happens a lot. The ideal would be to rely on password managers, programs able to generate access keys that are more complicated and difficult to discover.

Using password managers

Unfortunately, the fault is not only of these greedy and skilled computer fraudsters, but also ours, due to the reckless and superficial behaviors we put into practice when we surf the Internet. Some examples? According to recent studies, in the top ten of the least secure passwords we find "123456", "welcome" and "password". Then there is a large segment of people, as shown by a survey conducted by Norton by Symantec, who despite being aware of the importance of protecting their data on the Internet, open links or attachments from unknown sources.