Updated March 27, 2023.
The frequency of changing your passwords varies on your current password practices. For example, if you use strong, unique passwords for your accounts, you won’t have to change your passwords as often. However, there are circumstances where you should change your passwords right away such as a security breach, you suspect unauthorized access to your account, discover malware on your device and more.
Protecting your passwords and personal information starts with securing passwords. Your passwords are your first line of defense against intrusion, and there are some rules to follow for best password practices. Let’s take a closer look at some important password guidelines and how a password manager can help you take control of your passwords.
Changing Your Passwords In the Past
As with many security guidelines, password management rules have changed over the years. As passwords become more complex, the methods for compromising them have also improved.
You can have the best software in the world, but if you’re not actively monitoring your passwords, changing them regularly, and using good password habits, you’re putting yourself at risk.
The Better Business Bureau (BBB) recommends changing your password at least a few times per year, but this is outdated information. Most tech professionals recommend your password changes every thirty, sixty, or ninety days; depending on what the password is used for, how often the account is accessed and how strong the password is to begin with. However, changing your passwords cannot come at the expense of password strength.
According to cybersecurity experts, you don’t have to frequently change your password if you’re using strong, unique passwords for every account. A strong password is a combination of letters, symbols, and numbers; and with password managers, you don’t have to come up with one yourself. A password manager stores all of your passwords in a secure, encrypted location and aids you in generating strong passwords for each of your accounts.
Without a password manager, you’ll end up using recycled passwords more often or you might even forget certain passwords. This can lead to compromised accounts – placing all your sensitive information at risk.
When Should You Change Your Passwords?
Let’s take a look at some typical situations where a password change is necessary.
After a security breach
When a company you have an account with declares they’ve experienced a data breach, you need to change your password as soon as possible to protect your information. If your information has been compromised, you’ll typically be alerted by the company. However, most companies can take days, weeks or even months to alert their customers that they’ve had a breach. This is where a dark web monitoring tool can help.
BreachWatch® is one of Keeper Password Manager’s most popular add-ons. It constantly scans the dark web for credentials that match the ones stored in your vault. If it finds one of your credentials on the dark web, it immediately notifies you so you can change your password right away.
If you suspect unauthorized access
Don’t wait until there’s glaring evidence of unauthorized access on your accounts. By that time, it’s usually too late. If you suspect someone is attempting or has attempted to access one or more of your accounts, change your passwords immediately. It’s always better to take precautionary measures than to wait until the damage is done.
If you discover malware on your devices
Malware and viruses can put your computer at risk and leave your personal information exposed. If you discover such software on your computer after a scan, change your passwords immediately, and preferably from a different device, until you’re certain the virus has been removed.
If you share access to your accounts
Lots of people share access to accounts like Netflix and other media services. Some even share access to a joint bank account and access the info via web or mobile app. If you share access with someone you’re no longer in contact with, change your password as soon as possible. It’s best to not trust anyone outside of your circle of trusted people with your passwords.
Password Best Practices to Boost Your Password Security
Here are a few password best practices you should be following.
Use a password manager
Many services are free to use, and premium services offer extra security in the form of dark web monitoring and more. Not using a password manager leaves your passwords exposed, and you won’t have a good way to organize them. Using a browser, document or spreadsheet to organize passwords is not a good idea because they can be easily compromised. With a password manager you’ll be able to change passwords quickly and efficiently without having to worry about tracking down lost passwords or accounts.
Audit your passwords
Are you using the same password for multiple accounts? Are you using different versions of the same password? The golden rule of passwords is to never use the same password twice or variations of the same password. Do not use personal information in your passwords, such as names, pets, birthdays, anniversaries, addresses, social security numbers, children’s names, etc. Passwords should always be a random combination of letters, numbers and symbols or unrelated phrases.
You should audit your passwords at least a few times per year, so set aside some time for yourself to make sure it’s done correctly.
Change weak, compromised and recycled passwords first
If you’re just getting started with improving your password security, changing weak, compromised and reused passwords should be top priority. These are the most vulnerable and most likely to cause issues.
Implement multi-factor authentication
Multi-Factor Authentication (MFA) acts as an extra layer of security for your online accounts. Rather than logging in with only a username and password, you’ll have verify who you are with one or more additional authentication methods. This means that anyone trying to access an account will face a more extensive authentication process than simply entering a password. This is best for sensitive accounts, but use it with any accounts you can.
Manage Your Passwords Easily With Keeper
Without proper password habits, it’s easier to fall victim to cybercrime and identity theft. Take control of your passwords with a password management service like Keeper to better protect your personal information and make necessary password changes an easy task.