Change Your Password Day<\/em> was established in 2012 and has been celebrated annually since then. But what might\u2019ve seemed like a good idea back then is somewhat outdated in 2019. That\u2019s why we\u2019re proposing a change: Strong Password Day<\/em>.<\/p>\n A decade ago, it was common security practice to change passwords regularly. Nowadays we know that\u2019s not particularly effective, because the password problem is twofold. First, for effective protection, passwords have to be hard to guess. Second, to be usable, passwords have to be easy to remember. Changing passwords regularly does have some<\/em><\/em> positive impact on the first part, but it drastically complicates the second.<\/p>\n The problem really stems from the fact that we, as humans, don\u2019t like to remember long, complicated passwords; we\u2019re not machines. So, we do what comes naturally \u2014 we cheat. When we are forced to change a password, we make small changes in existing passwords, instead of creating a brand new one. To illustrate the point, let\u2019s take the password \u201cbatman2018.\u201d Most of us, if asked to change this, would probably just change it to \u201cbatman2019.\u201d That way, the system will see a different password, but it\u2019s essentially the same \u2014 and crucially, if the old password gets compromised, it doesn\u2019t take a genius to guess the new one.<\/p>\n TL;DR: Changing passwords regularly doesn\u2019t really work. It\u2019s a much better idea to use strong and, more important, unique<\/em> passwords. Now, let\u2019s talk a little bit about uniqueness.<\/p>\n It may seem like a good idea to come up with one really strong password and use it for all your accounts. This way, the accounts are well protected and it\u2019s quite easy to remember just one password, even if it\u2019s a complex one \u2014 win-win, right? In a perfect world, maybe. Unfortunately, in our world, data leaks happen regularly and passwords get compromised. If you are using the same password for all accounts, just one leak means that all your accounts could be compromised<\/a>. In other words, it\u2019s not a two-birds-with-one-stone situation, but rather an all-eggs-in-one-basket one.<\/p>\n What should a password look like to be considered strong? The answer is a bit complicated (think math), but in a nutshell it all comes to just two properties. The first one is the set of characters used in a password: diversity strengthens passwords. And the second one is length: the longer, the better.<\/p>\n The good news is that these properties compensate for each other. If you struggle to remember nonalphanumeric symbols \u2014 #, %, &, and so forth \u2014 you can simply make your password several characters longer instead.<\/p>\n One more thing: A strong password doesn\u2019t have to be random. I mean, randomness is nice for security, but it\u2019s a pain to remember random passwords. Again, you can compensate with length \u2014 make your passwords at the very least a dozen characters long, preferably even longer.<\/p>\n With that said, remembering strong and unique passwords can be much easier than you think. You just need to know how to do it right. Our Global Research and Analysis Team member David Jacoby explains it in terms we can all understand \u2014 he even gives you a good example on how to come up with your own password system, which will make forgetting passwords a thing of the past. You can check out his password ideas in this post<\/a> or watch the video<\/a>.<\/p>\n And finally, here are two more tips to help you lock-down your accounts even further: First, enable two-factor authentication<\/a> for all your accounts, and second, use a password manager<\/a> as a backup plan.<\/p>\n\n","protected":false},"excerpt":{"rendered":" Changing passwords regularly is outdated. Use strong and unique passwords that are easy to remember instead. Here\u2019s how to make them.<\/p>\n","protected":false},"author":421,"featured_media":20827,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[9],"tags":[1218,3883,605,405,187,422,131],"class_list":{"0":"post-25519","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-tips","8":"tag-2fa","9":"tag-digital-comfort-zone","10":"tag-great","11":"tag-password-manager","12":"tag-passwords","13":"tag-threats","14":"tag-tips"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/strong-password-day\/25519\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/strong-password-day\/15175\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/strong-password-day\/12752\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/strong-password-day\/17094\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/strong-password-day\/15291\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/strong-password-day\/14015\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/strong-password-day\/17800\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/strong-password-day\/16871\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/strong-password-day\/5640\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/strong-password-day\/14735\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/strong-password-day\/11398\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/strong-password-day\/18498\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/strong-password-day\/22370\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/strong-password-day\/23819\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/strong-password-day\/22061\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/strong-password-day\/21994\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/passwords\/","name":"passwords"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/25519","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=25519"}],"version-history":[{"count":12,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/25519\/revisions"}],"predecessor-version":[{"id":36414,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/25519\/revisions\/36414"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/20827"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=25519"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=25519"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=25519"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Changing passwords regularly doesn\u2019t help<\/h2>\n
Why passwords have to be unique<\/h3>\n
What makes a strong password<\/h3>\n
Strong and unique passwords that are easy to remember<\/h3>\n