yitit
Home
/
Computing
/
Want some security advice? Don’t reset your passwords too often
Want some security advice? Don’t reset your passwords too often-February 2024
Feb 12, 2026 2:42 AM

  Image used with permission by copyright holderSetting your password as “password” has long been dinged as a sure-fire way to invite trouble when it comes to your digital privacy. And obviously, if you’re using the same password for everything on the Internet, you may be in trouble. But while security firms have long discussed the common pitfalls of online security, another practice that may seem solid in theory is now being warned against as well. On Thursday, in observance of World Password Day, the U.K. government urged its citizens not to change their passwords too frequently, claiming that this practice is actually more harmful than it is helpful.

  “In 2015, we explicitly advised against it [changing passwords],” British intelligence and security organization GCHQ’s Communications-Electronics Security Group (CESG) wrote recently. “This article explains why we made this (for many) unexpected recommendation, and why we think it’s the right way forward.”

  Recommended Videos

  So what’s the issue with constantly changing things up? According to the organization’s 16-page report, repeatedly resetting your codes “doesn’t take into account the inconvenience to users.” A secure password, CESG notes, should be both long and random, which makes them fundamentally difficult to remember. And while you can create and remember a few long and random strings, it’s hard to do this for dozens of passwords. “When forced to change [a password], the chances are that the new password will be similar to the old one,” security experts warn. “Attackers can exploit this weakness.”

  Related

  AMD might still have some next-gen GPUs left in the tank — but I don’t buy it You don’t have to use Bing – Google Search has AI now, too Don’t waste your money on a MacBook Air. Just buy a Chromebook instead

  CESG also notes that frequent change can be rather counterproductive — in order to remember new strings, users may end up writing them down or storing them in other unsafe ways. There’s also the stronger possibility of forgetting the new password and being locked out of an account, forcing users to find a new password yet again.

  “It’s one of those counter-intuitive security scenarios; the more often users are forced to change passwords, the greater the overall vulnerability to attack,” CESG concludes. “What appeared to be a perfectly sensible, long-established piece of advice doesn’t, it turns out, stand up to a rigorous, whole-system analysis.”

Comments
Welcome to yitit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Login to display more comments
Computing
Recent News
select 198766*667891 from DUAL
select 198766*667891 from DUAL
select 198766*667891
select 198766*667891
@@gtyFA
@@gtyFA
Mr.
Mr.
About
Terms and Conditions Privacy policy Cookie Settings Contact Us
Services
Login register
yitit Hardware Computing Mobile Finance Software Deals
Links
zpostcode Recruit weather mreligion Yellowpages sport constellation shopping name game directory literature Word tour furnish Lottery tftnews lyrics News digital car dir Edu Finance
Copyright 2023-2026 - www.yitit.com All Rights Reserved