When Should You Change Your Password?
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

It seems like every week brings news of a new hacking, which in turn means that usernames, email addresses, and passwords are constantly being posted online by hackers, and this inevitably leads to a simple question: when should you change your password? Or, to frame the question in a slightly different way, how often should you change your password? In general, you should change your password about as frequently as you can tolerate changing your password. As long as you can keep track of your various passwords, there isn’t any disadvantage associated with changing it (besides the fact that changing your password can be a bit of a pain). Now, however, there is at least one definite answer to the question posed above: you should change your password when ShouldIChangeMyPassword.com tells you to.

We were led to this site after writing about the recent hacking of Yahoo. While certainly not the most devastating hacking in recent memory, the fact that a major technology company like Yahoo was hacked is disconcerting. Moreover, the Yahoo hacking affected more than just those who have Yahoo accounts. Because the hackers stole usernames and passwords from the Yahoo Contributor Network, which you can join by registering accounts that are not managed by Yahoo (e.g., you can sign in with your Google account), the hacking compromised user accounts from Gmail, Hotmail, AOL, and various other email providers. Further still, if the password you use for the Yahoo Contribute Network is used for other sites, then you must change your password for all of these sites. (This is one of the main reasons why you shouldn’t use the same password for various sites. If one falls, they all fall.)


ShouldIChangeMyPassword.com (which is linked to below) is by no means a panacea for all hacking-related troubles, it can at least tell you if your email address(es) is associated with many of the large password breaches that have occurred in the past (including the Yahoo hacking). To illustrate how the site works, consider – what else? – the Yahoo hacking. The group D33D Company managed to steal a large file that contained over 400,000 email addresses and passwords, which they then posted online. Avalanche Technology Group, the Australian company that operates the site, combs through this data and compiles a list of all the email addresses associated with the hack. Over time, they have created a database that now includes nearly 11,000,000 email addresses, all of which have at one point or another been associated with some sort of security breach. If you type your email address into the site’s tool, which looks like this:

and it comes back with bad news (i.e., your email address has been linked to a security breach), you should definitely change the password of that email account, as well the passwords for any accounts that use the same password. It couldn’t be more simple.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

It’s a very helpful site, but we must add a couple of cautionary remarks. First, we feel this is reputable tool because it comes from a legitimate company and it has been reported on by trustworthy media outlets. However, you should definitely not go entering your email address into any site that purports to offer a similar service. You very well may be walking directly into a phishing attack. Second, ShouldIChangeMyPassword.com is not perfect, so even if your email address comes up as clean, this doesn’t necessarily mean your email account is safe. Not all hackers release pairs of email addresses and passwords, and when they don’t, Avalanche’s tool won’t register your email address in their database. So, you should definitely change your password when ShouldIChangeMyPassword.com tells you to, but this isn’t the only time you should change your password. If you use weak passwords or haven’t changed one in a while, you should change it, regardless of what the site says, and really, you should change your password whenever a service you use is hacked.

You can check out Avalanche’s tool here:

Should I Change My Password

 

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.