Reasons to change your password

February 25th, 2008

One of the questions I often get is why should I change my password. Here are five technical reasons for regular password changes.

1. Having a password change schedule reduces the likelihood that the same password is used for multiple accounts. For example, we wouldn’t want our password to be the same as our UMW password. Right? : )

2. Passwords can be guessed over time. ‘Shoulder surfing‘ helps.

3. Passwords can be attacked with brute force. Periodic changes reduce the effectiveness of this type of attack.

4. Password can be ‘sniffed’ with older insecure protocols.

5. If someone has captured your password, then changing it will take care of that issue.

Weak Passwords

March 28th, 2007

Here is an interesting blog entry on passwords. Note specifically the chart where he shows how long it takes to crack passwords.