Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

Tip of the Week: Why You Should Rethink Routinely Changing Your Password

Tip of the Week: Why You Should Rethink Routinely Changing Your Password

One of the main ways to keep an account’s credentials secure is by changing them consistently. However, we ran across an article recently that plays “devil’s advocate” on the password security issue, and they made some fair points about how changing passwords too frequently can lead to decreased security as a whole.

At first, this idea may not make a lot of sense. The reason that we change passwords so often is to prevent them from being used in attacks on sensitive accounts. If hackers steal passwords that don’t work, they can’t access the accounts. IT administrators often require user passwords to be changed on a regular basis, which may prompt users to choose passwords that are easy to remember or less complex than they should be.

In reality, there are several news outlets and security websites that suggest changing passwords regularly will lead to less-secure passwords as a whole. ZDNet, The Washington Post, and WIRED magazine, all suggest that frequently changing passwords, despite its intended purpose, can lead to watered-down security. Consider this scenario: you’re using a password, but are suddenly forced to change it. Would you be more likely to create a whole new password, or use a slight variation of your current password?

The Washington Post writes, “forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords.” This statement is backed by research from a study performed by Carnegie Mellon University, which found that those who feel that their organization’s password policy was annoying, created passwords that were 46 percent less secure. Additionally, users who need to update their passwords constantly often leave patterns that connect old passwords to new passwords, like replacing a letter with a number or special character.

ZDNet explains that changing passwords for the purpose of securing accounts in case of stolen credentials doesn’t make sense, simply because “stolen passwords are often exploited immediately.” The security website also cites that “regularly changed passwords are more likely to be written down (another vulnerability) or forgotten,” which only seems to add to the frustration of changing passwords on a regular basis.

The fact remains that passwords may not be the most reliable way of keeping accounts safe, but there are ways that you can make using passwords, and account security, easier to handle. One way is to use an enterprise-level password manager. You can store all of your organization’s credentials in one secure location, where they will be called from and propagate in the required fields when needed. This helps you utilize complex passwords without needing to remember all of them.

Another way that you can improve account security is through two-factor authentication. This adds a second layer of security to your accounts by requiring a secondary credential, which can be sent to a smartphone via SMS message, voicemail, an alternative email account, and more. There are also biometric or GPS-tracking two-factor authentication methods that are viable (and effective).

If you’re ready to improve your business’s security practices, reach out to Direct Technology Group at (954) 739-4700.

Download the Wrong App and Have More Than Pokémon ...
Warning: It’s Now a Crime to Share Your Netflix Pa...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 24 November 2024

Captcha Image

Blog Archive

2014
January
February
March
April
May
June
July
August
September
October
November

Mobile? Grab this Article

QR Code
Request a Consultation

Direct Technology Group strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what Direct Technology Group can do for your business.

1358 W Newport Center Dr
Deerfield Beach, Florida 33442

Call us: (954) 739-4700

News & Updates
Direct Technology Group is proud to announce the launch of our new website at www.directtechnologygroup.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...