Changing your passwords?

kram5819
kram5819
Community Member
edited April 2021 in Lounge

I'm curious what everybody here thinks about changing their passwords?

I have almost 200 accounts in my 1password password manager all with different passwords they are very complicated most are over 20 characters with special characters numbers symbols anything I can do to make my password extremely difficult.

I have two-step authentication on every website I possibly can. I use Authy on any website that accepts 2fa and will let me use it.

There are a few websites where they still want to send you an SMS text code, although I don't think it's as secure as I would like I still use it.

Most of my passwords are new because for the past year or 2 I've been changing them out every 6 months or so.

My passwords being so strong I wonder if I really need to change them?

I use 1password"s password generator & really like it.

I have a lot of passwords all of them unique & different none re-used. Even the master password to my vault is very complicated it took me** a long time** to memorize it. That's another one I never want to change because it's a long secure password.

What are your thoughts on changing passwords ??


1Password Version: what was my password being so complicated I wonder
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • [Deleted User]
    [Deleted User]
    Community Member

    @kram5819 Sounds like you're doing everything right.

    When I first got a password manager a few years ago, I changed all my passwords every 6-9 months. However, a number of experts have since said that this is no longer worth the effort. Password entry forms are generally secure and no one is trying to break into your accounts by working through all the possible random passwords. Attackers are mainly taking passwords leaked through breaches and trying them on other sites. They have other ways of getting in, e.g. by exploiting vulnerabilities or socially engineering staff, but changing your user password isn't going to block these. So as long as you have strong unique passwords for every site and change any that are included in breaches then there's no point changing the rest.

  • ag_ana
    ag_ana
    1Password Alumni

    So as long as you have strong unique passwords for every site and change any that are included in breaches then there's no point changing the rest.

    This is also what I personally do: I make sure my accounts have strong passwords, and change them in case there is a breach. I don't go through the procedure of changing an already strong password with another strong password regularly, I prefer to monitor Watchtower and my email notifications for suspicious behavior.

This discussion has been closed.