Changing Passwords Too Often Might Expose You To Vulnerability


Changing passwords often and making them as complex as possible has been the go-to method to lessen account vulnerability until now. In fact, most organisations mandate that their employees change passwords as often as possible. But a recent advisory from the Communications-Electronics Security Group (CESG) and UK intelligence says changing passwords too often might actually be counterproductive.

The reason is that if passwords must be changed too often, users tend to choose passwords that are easier to remember. They might end up using passwords that are similar to their old password, which makes them easy to break via guessing or brute-force attacks. Social engineering also becomes a significant problem. If users are forced to keep complex passwords, they may not be able to remember them and may write them down. Writing down passwords also increases the risk of security attacks significantly.

NSA contractor Edward Snowden suggested in 2015 making a shift from passwords to passphrases. He surmised that even a complex 8-character password can be easily brute-forced in under a second using a fast computer. “The best advice here is to shift your thinking from passWORDs to passPHRASES. Think about a common phrase that works for you. It’s too long to brute force and also make them unlikely to be in the dictionary.”

Soumyajit DasMazumdar
Soumyajit is an SAP technical consultant with a flair for writing. An avid blog reader, he started off with a free WordPress blog and slowly moved to his own personal news and blog site. Apart from writing he loves reading books, playing table tennis and long bike trips. He is currently trying to learn playing guitar and failing miserably.

