Change Your Password Day: why this is nonsense & better tips
Not again: today, February 1st, is Change Your Password Day. I think that's a lot of nonsense, because your passwords are just as secure today as they were yesterday. In this article I show what you should do instead.
Change Your Password Day was launched a few years ago, at a time when it was still thought that regularly changing your password would make staying online more secure. Some companies also practice regular password changes, which is complete nonsense, because changing a password again and again only tempts users to choose an even more insecure one or simply to append a number or letter to it.
Some get creative on Change Your Password Day
No joke: a person once told me in detail how he changes his passwords these days. Each year he simply adds the current year to the end, so Password2020 becomes Password2021. Perfect, this is exactly the phenomenon that happens with things like this. Such methods are used for convenience and because they are easier to remember. And what's more: why should yesterday's password be even more secure than today's? There are far better ways to stay safe online.
Better: two-factor authentication & password manager
Quickly delete Change Your Password Day from your calendar; we have better tips for you. If you have kept your passwords in your head up to now and use the same one for all services, stop today. The colleagues from Heise launched Manage Your Password Day, and we are all for it. Use today to move your passwords from memory into a password manager, or at least make a plan to do so. The manager creates and saves a separate password for each service. If one service is then hacked, all your other passwords are still safe.
Another tip: activate two-factor authentication. This “two-step authentication” can be activated for almost all services. Either a code is sent by SMS when you log in, or a code that is valid for 15-30 seconds is displayed in an app on your mobile phone. You then need two factors to log in: possession and knowledge. Possession stands for the smartphone or the code, knowledge stands for the password. Or let's put it this way: if you refuse to use a password manager, at least activate two-factor authentication. Better than nothing, at least.
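How the app-displayed code works, as an added example that is not part of the original article: a small RFC 6238 (TOTP) generator and verifier in Python. The 30-second step, the six-digit length, the one-step drift window, the `last_used` replay check and the sample secret are assumptions of this example, not settings of any particular service.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds each code stays current (RFC 6238 default; assumed here)

# Constructed sample secret: the RFC 6238 SHA-1 test key, base32-encoded the
# way authenticator apps receive it. Never reuse it for a real account.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()


def totp(secret_b32, now, digits=6, step=STEP):
    """Return the TOTP code (HMAC-SHA1) valid at Unix time `now`."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", int(now) // step)   # number of the time step
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, now, last_used=-1, window=1,
           digits=6, step=STEP):
    """Return the matched time step, or None if the code is rejected.

    Accepts the current step plus/minus `window` steps to tolerate clock
    drift, and skips any step <= `last_used` so a code cannot be replayed.
    """
    current = int(now) // step
    for counter in range(current - window, current + window + 1):
        if counter < 0 or counter <= last_used:
            continue
        expected = totp(secret_b32, counter * step, digits, step)
        # Constant-time comparison of the expected and submitted codes.
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return counter
    return None


if __name__ == "__main__":
    code = totp(SAMPLE_SECRET, 59)
    print("code at t=59:", code)
    print("accepted at t=59:", verify(SAMPLE_SECRET, code, 59))
    print("replayed:", verify(SAMPLE_SECRET, code, 59, last_used=1))
    print("two minutes later:", verify(SAMPLE_SECRET, code, 179))
```

The server stores the step returned by `verify` as `last_used` for that account, which is what makes an intercepted code useless once it has been used.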
My colleague David has summarized further tips on how to be safer on the net in this article.
So, have a nice Change Your Password Day this February 1st!