Everyone on the internet seems to be in agreement that February 1st is “Change Your Password Day” (yep, it’s a thing), and we’re celebrating it for a good reason.
With reports of data breaches and password leaks happening on a regular basis, being reminded of password hygiene and maintenance is critical to your online safety.
But don’t ever think that changing your passwords is strictly a once-a-year affair. Changing your passwords regularly will vastly improve your security but the question is, how often? Let’s find out.
When to change your password immediately
Before we explore our recommendations for your regular password change routine, there are times when you should change the password of a particular service immediately.
Reset your password immediately:
- After a service suffers a data breach or a cybersecurity incident
- There’s unauthorized activity in your account
- Your gadget was compromised or infected with malware
- You used to share your account with someone else
- You logged in to your account using a public computer
Now that that’s out of the way, here are good schedule recommendations for password changes:
Streaming entertainment services
Service: Streaming sites like Netflix, Spotify, Hulu, HBO Go, Sling TV, Pandora, etc.
Sharing: Although some of these services discourage account sharing, streaming under one account in the same household is not a big deal.
Recommended schedule: Preferably every six months. Too often and it becomes a hassle – having to sign in again on all your gadgets can be a pain. However, if you’re sharing your password with your partner or multiple people in your house (who can be careless), you can shorten this to three months.
Service: Amazon, Apple and Google app stores, iTunes, Google Play, eBay, etc.
Sharing: Never. Just create separate profiles for each member of your family whenever you can. For purchased content, you can share them with Apple and Google’s Family Sharing anyway.
Recommended schedule: Barring any major breaches, change these every six months, as well. Always enable two-factor authentication when available.
Service: Gmail, Yahoo, Outlook, etc.
Recommended schedule: Three months. Since most of your email accounts are used to access other services, it’s recommended that you change their passwords more often. Having your primary email account hacked can be a gateway to your other accounts. And as usual, always enable two-factor authentication with your email accounts.
Service: Facebook, Twitter, Instagram, etc.
Sharing: Never (except maybe for shared accounts for couples, which you shouldn’t even do in the first place)
Recommended schedule: Although social media accounts are not as critical as your email, they’re also tied to your personal identity. You absolutely don’t want anyone masquerading as you in social media. Change your passwords every six months (every quarter, if you’re being extra careful). Remember to turn on two-factor authentication, too, and to always sign out if you logged in on a public or shared computer.
Remember that these are just recommendations for your ultimate safety. Dial it down if you think they are too much.
In fact, changing your passwords so often can make things worse for some people. At the end of the day, use plain ol’ common sense to gauge when to absolutely change your passwords.
Need help crafting the perfect password? Here are new password tricks you can try.
Bonus: Remembering all your passwords and PIN codes for your accounts can be tough so a password manager is a must. A good password manager will even automatically generate hard-to-crack passwords for all your accounts.