Comments on: The Social Networking/Cybersafety Disconnect http://www.welivesecurity.com/2011/06/22/the-social-networkingcybersafety-disconnect/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000 hourly 1 http://wordpress.org/?v=3.7 By: JacobInnopay http://www.welivesecurity.com/2011/06/22/the-social-networkingcybersafety-disconnect/#comment-3111 Thu, 23 Jun 2011 14:01:33 +0000 http://blog.eset.com/?p=7727#comment-3111 I'm sorry but I fail to see how it helps security if you change your password very often. If you choose a strong password and don't use it on other sites, I see no real need to change the password unless there are indications that it has been compromised (e.g. the site was hacked and this made news headlines, you lose your smartphone/laptop, etc.) or is being attacked. Really the best way websites could help users is to implement warnings if someone makes multiple wrong guesses to get at your password or logs in from an unusual IP address (Gmail for example gives you a warning if your account has been accessed from Russia, to see if this was indeed you or a hacker).
Forcing people to change passwords every few months only encourages them to either write the password down or to choose an easily remembered password, both of which hurt security.

]]>