Jump to Main ContentJump to Primary Navigation
Top

The secret to a safer password isn’t what you’d expect

1.2.jpg
1.1.jpg

What’s your strongest password?

Don’t worry, we’re not looking to log on to your Facebook account and ghost post that you heartily endorse Donald Trump and definitely want his babies. We just want to make sure you actually remember the thing.

After all, considering today’s generation are signed up to many internet accounts – three types of social networking, one for the App store, another two for email (work and personal), and another for banking – it’s no surprise we're constantly changing passwords.

You may have also seen a rise in mandatory password changes. Forced by either overzealous work admins or simply because you forgot the one you had, anyone would imagine these changes to 'stronger' passwords were keeping our online identities safer than ever. 

Well not according to Lorrie Cranor they're not. In fact, the Chief Technologist for America’s Federal Trade Commission and a computer science professor at Carnegie Mellon believes they might actually be putting you more at risk of being hacked. Writing on the FTC website, she explained:
 
“There is a lot of evidence to suggest that users who are required to change their passwords frequently select weaker passwords to begin with, and then change them in predictable ways that attackers can guess easily. Unless there is reason to believe a password has been compromised or shared, requiring regular password changes may actually do more harm than good in some cases. (And even if a password has been compromised, changing the password may be ineffective, especially if other steps aren’t taken to correct security problems.)

So there you have it, whether it's born from a reluctance to stray too far from your tried-and-tested Password123 (or whatever you’d scribbled on your hand in Biro), or just because you're subliminally sick of changing it, the more frequently you are asked to input a new password the lazier your brain becomes at crafting the alternative. So in future you might want to try sticking to your old one for as long as possible.

Additionally, Cranor also ponders as to whether companies responsible for mandatory password changes might be best changing tack:

‘Mandated password changes are a long-standing security practice designed to periodically lock out unauthorized users who have learned users’ passwords. While some experts began questioning this practice at least a decade ago, it was only in the past few years that published research provided evidence that this practice may be less beneficial than previously thought, and sometimes even counterproductive.’

Keep safe out there, people.

[Via: Wired]

Related

facebookprivacy.jpg

Facebook is in trouble for snooping on people who aren't members

low-iphone-battery.jpg

Apple just admitted your favourite battery-saving trick doesn’t even w

1.jpg

Teenagers reacting to Windows 95 will make you feel 1000 years old

Comments

More

Secret rules on what Facebook allows you to post have been revealed

And it's a pretty confused state of affairs

by Dave Fawbert
22 May 2017

Stephen Hawking reckons we only have 100 years left on Earth

Anyway, happy Friday!

by Tom Mendelsohn
19 May 2017

Watch a young Mark Zuckerberg discover he's got into Harvard

His dad is a lot more excited than he is

by Tom Mendelsohn
19 May 2017

Nintendo have removed a gesture deemed to be offensive from Mario Kart

Up yours, Yoshi

by Matt Tate
18 May 2017

This is rumoured to be the iPhone 8's finished design

Bye bye bezels (maybe)

by Matt Tate
18 May 2017

We might be about to get smartphones that charge fully in five minutes

An Israeli start-up claims it's going to go into production next year

by Tom Mendelsohn
15 May 2017

Someone has invented a sex doll that flirts with you

Presumably it murders you in your sleep, too

by Gary Ogden
15 May 2017

We really want someone to make this 8-bit Last Jedi game

The force is retro with this one

by Matt Tate
12 May 2017

This is how to be a really great photographer, according to Apple

It's all in the little details

by Matt Tate
12 May 2017

A full version of 'The Sims' is finally coming to mobile

Shapalapa dang do kazoo, which is Simlish for "that's good isn't it!"

by Matt Tate
11 May 2017