(405) 919-9901

by Dave Moore, CISSP
01/22/2023

The changing of the year is my reminder that it’s time to change my passwords, if I haven’t already. No matter what, January of every year is password changing time.

Are you in the habit of regularly changing the passwords for your online accounts? You should be; changing passwords regularly is a required part of every wise Internet user’s safety routine.

The reason for changing online account passwords is simple: the Internet bad guys are always stealing somebody’s password; maybe yours. Remember when Yahoo reluctantly admitted that all Yahoo accounts had been hacked, and all Yahoo passwords had been stolen? All three billion of them? A few here, a few there, by the hundreds, by the thousands, by the millions, account passwords are being stolen every time you turn around.

Fortunately, for us, the crooks can’t use or exploit all those passwords at once, so they store away the bulk of them to be used in future crimes. Hopefully, by the time they get around to trying yours, you have changed it, and it’s no longer valid. “Curses,” you hope they will say, “Foiled, again!”

Some folks like to argue and say, “Why, I don’t use a password for my email (or Facebook, or whatever). I just click ‘the button’ and it takes me there.” Au contraire, mon frère, just because you don’t see it doesn’t mean it’s not happening. In reality, when you click “the button,” because you previously instructed it to remember your password, so you don’t have to type it in every time, it sends your password behind the scenes to a computer server located somewhere on the Internet. The password then knocks on the door and says, “Hello! I’m a password; let me in and give me my stuff!” That’s how it works.

At least once a year (and more often is better), plan on changing the passwords to all of our online accounts. Yes, all of them should be changed. Every single one. Email, banking, investments, credit cards, shopping, it doesn’t matter. It’s the only way to know for sure that you have done what you can do to protect yourself. Yes, it’s that serious. No, I’m not kidding.

Even if you’ve never gotten in trouble before, and don’t know anyone who has, you still need to change your passwords. You should be changing your passwords regularly, anyway, so you should have the procedure down. Sure, it’s a hassle, but not as much of a hassle as getting ripped off by the Russian Mafia, or discovering that your investment accounts have been drained, or finding out that someone bought a car using your identity. Please, make us both happy; be a victor, not a victim.

Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.org