How often should you change your password? Well a lot depends on the type of account, what you use it for, if you have been compromised and your comfort level. Let's face it, we all have oodles of passwords. Changing them all the time can be time consuming but it gives peace of mind. Seriously, I have changed my Blogger (Google) password twice tlast week. The first time was due to a suspected compromise. It was a good, strong password. Then I changed it again to make it a butt a$$ ugly but stronger password. Trust me it is about as ugly as it can get! I change my passwords when:
- I remember - Ideally passwords should be changed at least twice a year so think spring and fall. Some recommend changing them more often.
- I think one or more accounts have been compromised - If I feel an account has been compromised in any way I change the password then work my way through changing the passwords for any accounts the compromised account could lead to.
- something is amiss - Sometimes something in an account goes amiss. There isn't the panic that someone has hacked into or hijacked my account, but more of something just not working as it should. This can be a sign the site is having problems or someone hacked in and is just doing a bit of toying. I change the password anytime I notice this type of thing.
- I revoke access - This mainly applies to Twitter and Facebook that can be used to sign into other accounts. If I revoke access as in Facebook can no longer access Site A, I change Site A's password.