When Should You Change Your Password?

The Internet Patrol default featured image
Share the knowledge

It seems like every week brings news of a new hacking, which in turn means that usernames, email addresses, and passwords are constantly being posted online by hackers, and this inevitably leads to a simple question: when should you change your password? Or, to frame the question in a slightly different way, how often should you change your password? In general, you should change your password about as frequently as you can tolerate changing your password. As long as you can keep track of your various passwords, there isn’t any disadvantage associated with changing it (besides the fact that changing your password can be a bit of a pain). Now, however, there is at least one definite answer to the question posed above: you should change your password when ShouldIChangeMyPassword.com tells you to.

We were led to this site after writing about the recent hacking of Yahoo. While certainly not the most devastating hacking in recent memory, the fact that a major technology company like Yahoo was hacked is disconcerting. Moreover, the Yahoo hacking affected more than just those who have Yahoo accounts. Because the hackers stole usernames and passwords from the Yahoo Contributor Network, which you can join by registering accounts that are not managed by Yahoo (e.g., you can sign in with your Google account), the hacking compromised user accounts from Gmail, Hotmail, AOL, and various other email providers. Further still, if the password you use for the Yahoo Contribute Network is used for other sites, then you must change your password for all of these sites. (This is one of the main reasons why you shouldn’t use the same password for various sites. If one falls, they all fall.)

ShouldIChangeMyPassword.com (which is linked to below) is by no means a panacea for all hacking-related troubles, it can at least tell you if your email address(es) is associated with many of the large password breaches that have occurred in the past (including the Yahoo hacking). To illustrate how the site works, consider – what else? – the Yahoo hacking. The group D33D Company managed to steal a large file that contained over 400,000 email addresses and passwords, which they then posted online. Avalanche Technology Group, the Australian company that operates the site, combs through this data and compiles a list of all the email addresses associated with the hack. Over time, they have created a database that now includes nearly 11,000,000 email addresses, all of which have at one point or another been associated with some sort of security breach. If you type your email address into the site’s tool, which looks like this:

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 

and it comes back with bad news (i.e., your email address has been linked to a security breach), you should definitely change the password of that email account, as well the passwords for any accounts that use the same password. It couldn’t be more simple.

It’s a very helpful site, but we must add a couple of cautionary remarks. First, we feel this is reputable tool because it comes from a legitimate company and it has been reported on by trustworthy media outlets. However, you should definitely not go entering your email address into any site that purports to offer a similar service. You very well may be walking directly into a phishing attack. Second, ShouldIChangeMyPassword.com is not perfect, so even if your email address comes up as clean, this doesn’t necessarily mean your email account is safe. Not all hackers release pairs of email addresses and passwords, and when they don’t, Avalanche’s tool won’t register your email address in their database. So, you should definitely change your password when ShouldIChangeMyPassword.com tells you to, but this isn’t the only time you should change your password. If you use weak passwords or haven’t changed one in a while, you should change it, regardless of what the site says, and really, you should change your password whenever a service you use is hacked.

You can check out Avalanche’s tool here:

Should I Change My Password

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.