Contact us today!

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Tip of the Week: Why You Should Rethink Routinely Changing Your Password

Tip of the Week: Why You Should Rethink Routinely Changing Your Password

One of the main ways to keep an account’s credentials secure is by changing them consistently. However, we ran across an article recently that plays “devil’s advocate” on the password security issue, and they made some fair points about how changing passwords too frequently can lead to decreased security as a whole.

At first, this idea may not make a lot of sense. The reason that we change passwords so often is to prevent them from being used in attacks on sensitive accounts. If hackers steal passwords that don’t work, they can’t access the accounts. IT administrators often require user passwords to be changed on a regular basis, which may prompt users to choose passwords that are easy to remember or less complex than they should be.

In reality, there are several news outlets and security websites that suggest changing passwords regularly will lead to less-secure passwords as a whole. ZDNet, The Washington Post, and WIRED magazine, all suggest that frequently changing passwords, despite its intended purpose, can lead to watered-down security. Consider this scenario: you’re using a password, but are suddenly forced to change it. Would you be more likely to create a whole new password, or use a slight variation of your current password?

The Washington Post writes, “forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords.” This statement is backed by research from a study performed by Carnegie Mellon University, which found that those who feel that their organization’s password policy was annoying, created passwords that were 46 percent less secure. Additionally, users who need to update their passwords constantly often leave patterns that connect old passwords to new passwords, like replacing a letter with a number or special character.

ZDNet explains that changing passwords for the purpose of securing accounts in case of stolen credentials doesn’t make sense, simply because “stolen passwords are often exploited immediately.” The security website also cites that “regularly changed passwords are more likely to be written down (another vulnerability) or forgotten,” which only seems to add to the frustration of changing passwords on a regular basis.

The fact remains that passwords may not be the most reliable way of keeping accounts safe, but there are ways that you can make using passwords, and account security, easier to handle. One way is to use an enterprise-level password manager. You can store all of your organization’s credentials in one secure location, where they will be called from and propagate in the required fields when needed. This helps you utilize complex passwords without needing to remember all of them.

Another way that you can improve account security is through two-factor authentication. This adds a second layer of security to your accounts by requiring a secondary credential, which can be sent to a smartphone via SMS message, voicemail, an alternative email account, and more. There are also biometric or GPS-tracking two-factor authentication methods that are viable (and effective).

If you’re ready to improve your business’s security practices, reach out to Total Tech Care at 866-348-2602.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 02 August 2021
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Google Network Security Business Software Internet Email Microsoft Workplace Tips Backup Malware Data Innovation User Tips Hardware Mobile Devices Disaster Recovery Android VoIP Computer IT Services Smartphones Business Continuity Communication Smartphone IT Support Mobile Device Miscellaneous communications Small Business Network Collaboration Browser Productivity Business Management Quick Tips Users Upgrade Phishing Cybersecurity Outsourced IT Data Backup Windows 10 Windows Managed IT Services Server Save Money Data Recovery Cloud Computing Passwords Ransomware Windows 10 Office Tech Term Social Media Chrome Gadgets Holiday Microsoft Office Virtualization Managed IT Services Managed Service Saving Money Automation Cybercrime Computers Facebook IT Support Operating System Health Hacking Internet of Things BYOD Artificial Intelligence Networking Information Technology Wi-Fi Managed Service Provider Spam Covid-19 Office 365 Information Telephone Systems Alert Mobile Device Management Recovery Employer-Employee Relationship Social Engineering Mobility Remote Router BDR Bandwidth Password Money Big Data Applications Data Breach Remote Monitoring Mobile Computing Law Enforcement Application App History VPN Apps Data Storage Patch Management Human Resources Encryption Remote Computing Mobile Office Blockchain Government Paperless Office Private Cloud Office Tips How To Managed IT Training Data Management Work/Life Balance Gmail Settings Two-factor Authentication Windows 7 Google Drive Word Mouse Flexibility HaaS Marketing Avoiding Downtime WiFi IT solutions Entertainment Website Budget Data Security Wireless Infrastructure Bring Your Own Device Cleaning Data Protection Firewall End of Support Conferencing Physical Security Vulnerability Education Virtual Reality Apple Scam Safety HIPAA Sports Social Redundancy Keyboard Servers User Error Vendor Management Managed Services Meetings Staff Software as a Service Telephone System Machine Learning Vendor Connectivity Remote Work USB Display Hacker Save Time Voice over Internet Protocol The Internet of Things Lithium-ion battery Employee/Employer Relationship Spam Blocking Electronic Medical Records Computing Augmented Reality Computing Infrastructure Fraud RMM Going Green Hiring/Firing Customer Service Remote Worker Environment Cryptocurrency Battery Fax Server Shadow IT Legal Digital Signage Comparison SaaS Internet Exlporer Business Intelligence CES Virus Audit Worker Network Congestion PDF IT Management Unified Threat Management eWaste Procurement Business Technology Content Management Net Neutrality Access Control Botnet Computer Accessories Printing Proactive IT IT Plan Virtual Assistant Help Desk Authentication Best Practice YouTube Unsupported Software Wearable Technology Black Market Retail Hard Drives Printer Charger Bluetooth Managed Services Provider Instant Messaging Excel Update Compliance Remote Workers Robot Database OneNote Computer Care Document Management Current Events Risk Management Solid State Drive Biometrics Wireless Technology Telephony Google Docs Virtual Desktop Downtime Identity Theft Samsung IT Consultant Processor DDoS Data storage Automobile Value SharePoint Hard Drive Humor Monitor Start Menu Multi-Factor Security 2FA Distributed Denial of Service Customer Relationship Management Development Search Engine 5G Analyitcs Twitter Screen Mirroring Loyalty Frequently Asked Questions Policy Books Programming NIST Business Mangement Reputation Consultant Smartwatch Smart Tech Mobile Streaming Media Trending Windows 10s Dark mode Fiber Optics Content Messaging OLED Addiction Tech Support Analytics Amazon Cast Tip of the week webinar Procedure Antivirus Emergency Techology Virtual Machine Laptop Recycling Customers Best Available Employee Windows 8 Practices Professional Services Public Cloud dark theme Employer Employee Relationship Trend Micro Wiring Assessment Audiobook SMS IT service WIndows 7 Cabling Cache Amazon Web Services Windows Server 2008 FinTech Hypervisor Safe Mode Touchpad Criminal Tablet Hosted Computing Tools Shopping GDPR Television Politics AI Domains Advertising Default App Wireless Internet Online Shopping Employees Saving Time File Sharing Google Search Inventory Notifications Specifications IaaS Social Network Maintenance Camera Public Computer User IT Infrastructure Bloatware Wire PowerPoint Evernote Windows Media Player Regulations Travel Sales Transportation Bing Printers Relocation Tablets Millennials Computer Fan Rootkit Supply Chain Management Managing Stress Investment Entrepreneur Smart Office Wireless Charging Workers Monitoring Benefits Video Games Bitcoin Personal Shortcut Virtual Private Network ISP Cameras Workforce FENG Worker Commute IBM Experience ROI Cost Management Cables Shortcuts Flash Customer relationships Smart Technology Scalability Batteries Social Networking Digitize Project Management Cryptomining Nanotechnology Telecommuting Business Owner Supercomputer NarrowBand Cortana Software Tips Digital Signature Sync Emails Computer Tips Running Cable Search IT Assessment Warranty iPhone Memory Printer Server Peripheral Windows Server 2008 R2 HVAC Google Apps Analysis Netflix Digital Security Cameras Two Factor Authentication How to Managed IT Service OneDrive Administrator Files Manufacturing Devices Root Cause Analysis Knowledge Quick Tip Music Enterprise Content Management Chromecast HBO Security Cameras Science Accountants Skype Ergonomics Using Data MSP Copiers Microchip Colocation Biometric Security Thought Leadership Uninterrupted Power Supply Credit Cards Data loss Leadership PCI DSS Troubleshooting Password Management Password Manager Outlook

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...