Why do I always have to change my password?

We know, you’re all tired of changing your passwords and hearing from IT that you’ve got to pick a new one you haven’t used before every 30 nanoseconds. The reason might not be what you think.

In today’s world there are three reasons to regularly rotate your passwords, especially your most important ones. If you never re-use your passwords it’s less of an issue. Also, you’re a liar.

Reason #1 – Someone Else Got Hacked

The number one reason to change passwords is plain and simple: other people get hacked. Yahoo!, Marriott, Quora, credit bureaus, the US government, take your pick. Odds are, your information is out there somewhere, and that can be used to get into your other accounts.

Let’s say that you used Yahoo!, something like bighair80s@yahoo.com, password MusicCity1982. Then you used that same email address and password for Amazon, or your bank. Through no fault of your own, because Yahoo! was hacked that same login can be used by hackers to get into Amazon, your bank or wherever you re-used it.

Reason #2 – Mitigate You Getting Hacked

It’s possible for your account to be compromised without you knowing about it. That is, someone got your login info and is now using it. By changing your password you effectively lock them back out of your account again.

Reason #3 – People Change Jobs

We know that you all share passwords at work even though you signed an employee handbook swearing your dog’s grave that you wouldn’t. Now what happens when one of those people who knows your password leaves? Or gets fired? What kind of exposure do you or your company have?

And all those “shared” passwords that don’t belong to anyone in particular but everyone knows (for the wifi, the scanner’s mapped drive, the common email account), what happens if those never change when people leave?

Don’t be scared. You don’t have to be paranoid about password hygiene, just have an awareness if why it matters. You’ll make better decisions on your own.