CSO: Regular password changes make things worse

/Home/Internet Security: Articles/Internet Security: CSO/CSO: 2016

Conventional wisdom says that regularly changing passwords improves security. But a number of studies, plus the FTC's chief technologist, say human weakness makes conventional wisdom wrong

By Taylor Armerding
Sep 1, 2016

Security experts have been saying for decades that human weakness can trump the best technology.

Apparently, it can also trump conventional wisdom.

Since passwords became the chief method of online authentication, conventional wisdom has been that changing them every month or so would improve a person's, or an organization's, security.

Not according to Lorrie Cranor, chief technologist of the Federal Trade Commission (FTC), who created something of a media buzz earlier this year when she declared in a blog post that it was, "time to rethink mandatory password changes."

Click the URL above to read the full article