FBI: change passwords frequently. Researchers: Do not change passwords

It's a question we come across all the time: To change them often ς (passwords) that we use?

He would normally expect the FBI to provide effective security advice, but a recent tweet has made many security experts wonder if that is the case.
Specifically, the FBI on November 25 sent a tweet-tip to help (supposed) Internet users to stay safe.passwords

“Shopping online at the festive season? Keep your accounts secure, use strong passwords and change them frequently, ”the FBI says.

Secure accounts using strong passwords are really good advice, but the last part of the proposal has sparked controversy. Frequent password change is often described as a bad practice, because if you do it repeatedly it can eventually lead you to the use of easy codes that can be quickly broken by hackers.

In addition, it is proven that companies that force their employees to constantly change their passwords are more exposed to attacks for the same reasons: workers end up using simpler passwords that are easier to remember something that is not safer practice.

So security experts challenged the FBI tweets, and Per Thorsheim was one of those who recommended exactly the opposite.

In a statement on the Motherboard, Thorsheim explained that frequent password changes should not be made and that there are other ways to stay safe on the internet.

"I am surprised and saddened to see that the FBI continues to give advice like this when credible academic research, numerous organizations, companies and the of the US have been saying for at least half a year now that changing passwords frequently is a bad idea.”

"Although I don't know which of the FBI has control of their Twitter account, it does seem to be unaware of current best practices."

So how can you protect yourself online without changing passwords often?

The easiest way is to use a password manager that can create and “remember” complex passwords that are difficult to crack. Of course there are many password managers such as LastPass, 1Password, etc, but store the passwords in the cloud.

Our tip: Prefer an offline password manager like him KeePass. This particular administrator is free and stores your passwords locally using strong encryption.

In addition, be sure to enable two-factor authentication on any service that has the security feature and avoid using the same passwords across many services.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.086 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).