Do you change your passwords? (keyboard, e-mail, Microsoft, server)
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
Just wondering, because my 13 yo son knew my password to my AOL acct, and he has his own password with the parental controls, and then there is my husband who i am separated from that my son could tell the password to, if asked... whatever, background...
So, do you change your passwords every once in a while?
I changed my AOL password a couple weeks ago, and he tries to guess what it is, he hasn't tried to get in, LOL but he will never guess. He just said oh it has to be something so easy, and references a Disney character...
You should change your passwords on anything that you feel is important, banking, credit cards, utilities, e-mail, that is done on-line. Since I work in the Computer Security field I recommend to all family and friends that they change their passwords at least every 60 to 90 days and use at minimum of 8 characters (mixed upper case, lower case, numbers and special characters). I also tell them not to use any dictionary words, names, dates or anything normally associated with them personnaly. OK so I don't make it easy but the simpler the password the easier it is to guess, especially by those close to you. You don't want anyone gaining access to information that can be utilized against you, to damge your credit or gain enough information to steal your identity.
Location: Mableton, GA USA (NW Atlanta suburb, 4 miles OTP)
11,334 posts, read 26,076,879 times
Reputation: 3995
Quote:
Originally Posted by MagicTouch
You should change your passwords on anything that you feel is important, banking, credit cards, utilities, e-mail, that is done on-line. Since I work in the Computer Security field I recommend to all family and friends that they change their passwords at least every 60 to 90 days and use at minimum of 8 characters (mixed upper case, lower case, numbers and special characters).
Gack. Nice in a perfect world, yes, but not always viable -- for example, as a developer who writes software on multiple platforms I have to maintain over 40 different passwords just for work-related systems and sites, and some of those systems are mainframe systems which don't allow passwords to be longer than six characters or contain anything non-alphanumeric.
I'd also hate to think how many different passwords I maintain for personal use. 200-300?
While I do change them when I remember to (or am forced to) and I do tend to use non-obvious password formats with mixed letters/numbers/punctuation, etc., someone with a brute-force cracker or network tracer isn't really going to care how often you change things or which characters you're using -- they're going to find your password regardless. It just takes time and/or a good packet snooper.
Avoiding dictionary words does help avoid quick-n-dirty dictionary attacks, though.
Quote:
You don't want anyone gaining access to information that can be utilized against you, to damge your credit or gain enough information to steal your identity.
While true, changing passwords isn't going to prevent that. It may prevent continued issues with a given account, but maintaining different passwords for each system (and avoiding things like dictionary words) are far more secure practices than the simple act of changing them all every 30 days.
I would even go so far to posit that overly aggressive password change policies are a security threat, since such policies drive people to write their constantly changing passwords down more often because they can't keep up with remembering them.
Not everyone has a PDA available like I do for storing their passwords in a portable and encrypted manner, and even that is a pain in the butt with so many passwords being required these days. :-(
rcstiener - I agree with you on the points as you stated, but most my family and friends only have passwords for a few home things. And since I'm aware of the original poster's issues this would assist in keeping her son from gaining access as well as her soon to be x from getting access to her things. If someone wants the information they will get it and as seen in numerous incidents not through personal pc's but by gaining access to compay servers.
I've had the same password since 1997. Probably a bad idea, but I doubt anyone I know will crack it.
Famous last words. Any password can be brute forced, it's only a matter of time. Just because people you know can't crack it, does not mean someone you don't know can't crack it either.
I change my passwords on things tied to personal info. Stuff like forums and such I don't worry about.
I hate places with leinant password policies. Some sites that only let you use numbers and letters in a password while having a max length.
For home use, family and fiends only, it's not as critical. Necessary, though, as you found out. A password should have uppercase, lowercase, number, and symbol (look above your number keys) in it. It can be a common word written differently:
geraniums
G3r4n1uM$
Key in each of the "words" above at the site I linked. See the difference? Not too tough to remember, but pretty strong.
The danger of having PWs changed too often? The first place I look for a PW I don't know: Under the keyboard. About a 75% hit rate. Either just laying under it, or taped to it.
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
