On Sun, Mar 25, 2018 at 06:48:15PM +0100, Brian wrote: > On Sun 25 Mar 2018 at 11:52:13 -0400, [email protected] wrote: > > The PIN for my credit card has only four digits. > > > * I don't change the passwords as often as I should > > There isn't and never has been a need to do this. Passwords don't > deteriorate with age. > I disagree. Forced password changes are annoying and counterproductive, but there is an argument to be made for users periodically changing their passwords. The Yahoo! data breach, for example, did not become publically known until long after the breach. Even then, the scope continued to expand as additional related breaches were discovered that had taken place even earlier.
There are some sites which force me to change my password periodically and find them annoying because the passwords do not protect anything important enough to warrant that. On the other hand, there are some sites where I regularly change my password to guard against a hacker gaining continuing access to my account/data following a breach. While you are right that passwords do not deteriorate, they do get compromised. The last few years have shown that it happens with rather shocking regularity. Regards, -Roberto -- Roberto C. Sánchez
