October 18, 2024

Tired of having to change your passwords every few months?

The latest research on passwords is out and it flies in the face of conventional cybersecurity practices. Contrary to long-standing advice, experts now suggest that frequently changing your passwords might not be the best strategy for maintaining security. Instead, using longer, memorable phrases with spaces, such as “It’s a Hard Days Night!”, is emerging as a more effective approach.

For years, the conventional wisdom was to change passwords regularly to stay ahead of potential breaches. However, the U.S. National Institute of Standards and Technology (NIST) has found that this practice can actually undermine security. Frequent changes often lead to simpler, more predictable passwords as users struggle to remember new ones ¹ ². This can make accounts more vulnerable to attacks.

Longer passwords, especially those that are easy to remember, are now recommended. Phrases like “Merry had a little lamb!” are not only easier to recall but also significantly harder for attackers to crack due to their length and complexity ³. This approach leverages the natural language processing capabilities of modern password-cracking tools, making it more challenging for them to succeed.

Additional Strategies for Managing Passwords

Use a Password Manager: Password managers can generate and store complex passwords for all your accounts, ensuring each one is unique and secure. This reduces the risk of using the same password across multiple sites ⁴.
Enable Two-Factor Authentication (2FA): Adding an extra layer of security, such as a text message code or an authentication app, can significantly enhance your account protection ⁴.
Avoid Common Passwords: Research shows that many people still use easily guessable passwords like “123456” or “password”⁵. Avoid these at all costs and opt for more complex combinations.
Regularly Update Security Settings: Ensure your devices and applications are always up to date with the latest security patches. This helps protect against vulnerabilities that could be exploited by attackers ⁶.
Educate Yourself on Phishing Scams: Be aware of phishing tactics that trick you into revealing your passwords. Always verify the source before clicking on links or providing sensitive information.

By adopting these strategies, you can significantly enhance your online security. Remember, the goal is to make it as difficult as possible for attackers to gain access to your accounts. Embrace the simplicity and strength of passphrases and leverage modern tools and practices to keep your digital life secure.

³: American Banker ¹: Brobible ²: New Scientist ⁵: CNBC ⁶: IET ⁴: Security.org

Kim Krushell

Co-Founder & EVP Information Securities

Tired of having to change your passwords every few months?

Tired of having to change your passwords every few months?

Treefort Partnership with Prolegis!

Good News – Identity Verification Technology is Making a Real Impact in Preventing Identity Fraud in Real Estate!

Why you NEVER want to reuse a password!

Did you know that your phone systems can be hacked?

Be Aware of the Hidden Dangers of QR codes!

How Businesses can Repel the Hacker Horde Targeting Websites!

Identity Verification could have stopped this North Korean hacker from being hired by the US security awareness company, KnowBe4.

Treefort Technologies has started the process of obtaining Voilà Certification through the Digital Identification and Authentication Council of Canada (“DIACC”)!

Treefort Technologies partnership with LEXO!

Treefort Technologies partnership with Canada Mortgage Brokers Association of Ontario!

Understanding the New Language of Artificial Intelligence

Achieve real trust online.

Contact us:

Social:

Tired of having to change your passwords every few months?

You may also like

Achieve real trust online.

Contact us:

Social: