Don't Change Your Password
January 2017 – by Per Christensson
A lot of security "experts" say you should change your password every few months. I disagree.
What they don't take into account is how many passwords you end up using over the course of several years. Not only do all these passwords make logins more difficult to remember, it actually makes your accounts less secure. This is because most people don't change all their passwords at once, leaving old passwords for some accounts and the new ones for others. The result is more passwords to keep track of and more passwords that can get compromised.
I think a more secure approach is to choose a few very secure passwords and don't share them with anyone.
One of my first monthly tips – way back in 2010 – was how to manage multiple logins. I said it was good to have three primary passwords and I still think it's a good idea.
If you are using insecure passwords for any of your accounts, this monthly tip doesn't apply to you. I think you should change your password(s) to something more secure (ideally with some capital letters, numbers, and special characters). However, if you are using secure passwords, I don't see any reason why you should change them.