Most of us know that if we want to protect our privacy we need to choose complex passwords, not reuse them over and over again, and of course, we need to change them often. However, according to the FTC (Federal Trade Commission), this last part could be doing more harm than good.
If this left you feeling confused, here’s a bit of an explanation: the reason why changing passwords is important is because the longer a password stays the same, the easier it is for a hacker to discover it. The problem arises when people start changing their passwords with predictable patterns – which is often the case with users who regularly change their passwords.
For example, instead of choosing long and complex passwords each time they change them, users often make very predictable changes. Usually, they end up capitalizing one letter in a password, advancing to the next letter with each change, e.g.: “Icecream90!”, iCecream90!”, icEcream90!”, and so on. Or, they keep increasing a digit with each change: “Icecream1!”, Icecream2!”, Icecream3!”, etc.
It’s no surprise really, as frequent (and sometimes mandated) password changes either bore or frustrate people so much that they end up creating detectable passwords.
When users make this kind of predictable changes, it’s pretty easy to detect their patterns and crack their accounts. So, to keep your cyber space safe and sound, do make sure to change your passwords but not too often, and when you do, choose long and complex ones instead of rehashing the old ones each time you want to change them.
Reference:
Digital Trends (http://www.digitaltrends.com/computing/federal-trade-commission-ftc-computer-password-changing-bad-idea/)
Chanwoo's Weekly Tech 