Skip to main content
  1. Home
  2. Computing
  3. News

Want some security advice? Don’t reset your passwords too often

By

Setting your password as “password” has long been dinged as a sure-fire way to invite trouble when it comes to your digital privacy. And obviously, if you’re using the same password for everything on the Internet, you may be in trouble. But while security firms have long discussed the common pitfalls of online security, another practice that may seem solid in theory is now being warned against as well. On Thursday, in observance of World Password Day, the U.K. government urged its citizens not to change their passwords too frequently, claiming that this practice is actually more harmful than it is helpful.

“In 2015, we explicitly advised against it [changing passwords],” British intelligence and security organization GCHQ’s Communications-Electronics Security Group (CESG) wrote recently. “This article explains why we made this (for many) unexpected recommendation, and why we think it’s the right way forward.”

Recommended Videos

So what’s the issue with constantly changing things up? According to the organization’s 16-page report, repeatedly resetting your codes “doesn’t take into account the inconvenience to users.” A secure password, CESG notes, should be both long and random, which makes them fundamentally difficult to remember. And while you can create and remember a few long and random strings, it’s hard to do this for dozens of passwords. “When forced to change [a password], the chances are that the new password will be similar to the old one,” security experts warn. “Attackers can exploit this weakness.”

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, HBO Max, and more

CESG also notes that frequent change can be rather counterproductive — in order to remember new strings, users may end up writing them down or storing them in other unsafe ways. There’s also the stronger possibility of forgetting the new password and being locked out of an account, forcing users to find a new password yet again.

“It’s one of those counter-intuitive security scenarios; the more often users are forced to change passwords, the greater the overall vulnerability to attack,” CESG concludes. “What appeared to be a perfectly sensible, long-established piece of advice doesn’t, it turns out, stand up to a rigorous, whole-system analysis.”

Lulu Chang
Lulu Chang
Former Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Topics

Editors’ Recommendations

The simple reasons your PC games don’t play as well as they should
The HP Omen 40L desktop sitting on a coffee table.

Whether you have the best gaming desktop money can buy or a budget-oriented PC, the whole point of it all is to be able to play your favorite games and make them look nice and run great. Not every gamer cares about visuals, but performance matters, and getting your money's worth out of your PC is important, too.

If a PC performs poorly in games, many of us immediately assume that the hardware is to blame. Sure, that can often be the case, but before you start looking into ways to upgrade your computer, try out these solutions that might solve your problem and let you get back to high-quality gaming.
PC settings
Whether you're dealing with poor performance, such as stuttering and low frames per second (fps), or you're simply unhappy with how your games look, the root of the problem might lie in the settings of your PC -- and as such, it could be an easy fix.

Read more
I tested Intel’s Core i5-14600K against its cheaper sibling. Don’t waste your money
Intel Core i5-13600K installed in a motherboard.

Intel's new Core i5-14600K isn't a massive generational leap, as you can read in our Core i5-14600K review. No one expected it to be with Intel's 13th-gen CPUs already sitting among the best processors. The bigger question is if it's worth buying over last-gen's Core i5-13600K considering that both are readily available for around the same price.

I've tested both chips extensively across a range of productivity and gaming scenarios. The Core i5-14600K brings some minor improvements over its last-gen counterpart, but those looking to stretch their dollar the furthest are better off sticking with the Core i5-13600K.
Pricing and availability
An Intel 13th-generation 13600K Jacob Roach / Digital Trends

Read more
AMD might still have some next-gen GPUs left in the tank — but I don’t buy it
AMD RX 7600 on a pink background.

AMD has said it's done with new GPU dies, but a filing with the European Economic Commission (EEC) suggests that Team Red could still launch graphics cards in its RX 7000 range.

The filing points to AMD releasing an RX 7600 XT sometime in the future, both in 12GB and 10GB variants. AMD's Scott Herkelman says the RDNA 3 lineup is "complete," so what gives? It comes down to the GPU dies.

Read more