Can Changing Passwords Monthly Improve Security?
I have to be frank here. It does not make much difference.
When I was working in a BPO company, we were asked to regularly change our passwords in different accounts in the span of 30 days to 3 months. This method is practiced to ensure security of the customers and to avoid leak of information protected by the company.
Temporary storing of passwords is a wide tradition to most companies now.
However, there is a critical problem of changing passwords on a particular time frame. According to the GCHQ report, changing passwords on a routine will lead to using the same passwords on many websites.
For example, if your password for this month is “Oklahoma01”, most like your password for the next month will be “Oklahoma02”. Then it will be Oklahoma03, Oklahoma04, so on and so forth.
Alright, let’s face it. We don’t have the patience to remember different passwords on the same time. Then, if we forgot it because a single digit or character is mistaken, you will be in great trouble for undergoing the long process of retrieving a system generated password.
One could further argue that changing password may delay the work of hackers who already know your previous password. However, with the use of malware, your current password will be crack immediately.
Instead of offering a real solution, changing of passwords on a routine harms the users through the hassle it brings.
Please read the related articles:
You might also like to read: