Topic: "change password frequently" (Read 368 times)

Getting hacked can be said to be stupid if the hack was as a result of the victims on making. Moreover there have been institutions and individuals that had the routine of changing their systems password buy still got hacked, so stopping hackers from gaining access it's ain't veritably on regularly changing passwords but IMO creating a very strong password that contains letters, characters and figures ones and for all stead of regular changes that might cost you a loss of your assets should you mistakenly forget which very one is in use due to regular changes. It has happened to people before.

Getting hacked is more stupid than you changing your password often, when you use a password for too long its possible that it will get leaked, for everything that we do offline is the only things that's safe from online threats, and since password is what we use to log into a platform everyday it's possible it will get leaked.

It's same reason why people need to keep their private keys and wallet recovery seed away from online because that increases the chances of getting leaked, and this is why I often move my funds out of a old wallet into a new created wallet highest in a year or two, I just do it but some called it stupid.

I think hardware wallet is the only way that I don't need to keep changing, all you need is the official wallet software update which I still find risky too, it's find to be cautious in this space and it won't get you in troubles like when you are too relaxed and calling others stupid for been too careful.

Requiring people to change their password frequently is a bad practice because it makes them more likely to use a weak password because it will be easier to remember. I always use a unique strong password and different email alias for each site. If my credentials get leaked it will only affect one website. If the 2FA option is available I will choose to enable it for additional security.

Forgetting passwords is not a threat to security it can end up in a loss if we can't be able to access the email we used and to be honest I used throw away emails on random websites and also for some tokens and when they went to moon I didn't really have the chance to claim them due to the mistake. So having a strong password is a good thing but also changing the password from time to time is also important and if you feel you can't remember all those passwords then we also have offline password managers which come in handy.

Don't you think it's easier to forget your passwords if you constantly change them? Having different passwords for different sites is difficult enough as it is because memorizing all those passwords ain't easy. Talk more about changing those passwords from time to time, it's pretty difficult to keep track of.
If you protect your device, don't click on phishing links, don't input your emails in untrusted places, and have various emails, I think all you need is a very strong password like OP said and you're good.
And should I case you forget your password, you can always recover the password if you still have the email, can't you?
I don't like changing passwords except it's compromised.

If I can't abandon the email entirely, I change my password linked to that particular email only when I feel I'm beginning to receive too many phishing emails. It's not a security tip, it's just my way of handling my security.

Changing the password once in a while is recommended because the password might be exposed to someone in one or another way and if you still have access to your account means no one yet accessed it but it doesn't mean you will be safe forever. So change passwords once in a while for bitcointalk and wherever 2FA is available make sure you enable it so it's just an added security feature even if your password is exposed.

Implementation of 2FA on bitcointalk was discussed million times already so don't drag anything about it here.

Except that you suspect that your passwords have been compromised, i don't think that there is really any need to change your passwords. Maybe if you misplaced it at some point and later found it, and you begin to suspect that perhaps someone else might have seen and copied it, then in cases like that it'd be best to change your passwords, so your mind can be at rest about suspicion that someone will access your device.

I can also agree that changing passwords does not guarantee extra security, because if someone can hack your original passwords, chances are that they can as well hack a new one. Except if a person decides to change their passwords to a unique and very difficult combinations, so it'll be very hard for anyone to manipulate. I think that in the end it has to come down to personal decision, to decide whether to live their passwords the way it is or to change it. It shouldn't be a second party that has to make that decision,  except they have proof that your wallet or device has been compromised.

Choosing a password that is considered very strong can prevent dependence on changing passwords periodically. I'm not the type of person who does it often, but that doesn't mean I never do it at all. At different times I need to refresh my password to prevent attacks from cybercriminals, I also save it in the safest place in my opinion to prevent if at any time I forget the password I use. I have done this on the exchange account that I have been using. Some people need to change the password periodically to keep the password fresh in their memory and prevent it from being hacked.

Always changing your password can seem troublesome and confusing and you end up not remembering it at all.
If it is done regularly or at a certain time it may still look normal, but those who are too paranoid will always change it when they are in doubt about their own safety.
The account was hacked due to user carelessness. Because password hacking only happens to people who set passwords too easily.

I don't see why one will continue changing passwords,  doing this can make someone get confused and forget the password. The reason that made someone to change password all the time is when it is shared with people.

 Changing password doesn't prevent account not to be hacked, the reason why account can be easily hacked is when a vital detail of the account is exposed this is when hackers can get the chance of hacking the account.

I saw this post from your post history. As other has said, it is not good to change password frequently like that because there will be a day that you forget the current password and and try to login with all the passwords you have and if you have forgotten the main password then your account is lost. And as coinlary said, it is not really good to click on the remember password button though the device is your but the day something happen to the device either you misplaced it or guy if babe is using it to watch movies and she decided to check your account and it login automatically, guy you are finished.

I only advice you to use 2 or 3 passwords so in case your forget one you can try the other to get back your account and not frequently changing of the password. That will not help you but it will harm you.

replying according to your the post subject , it's good to change password frequently but are we having backups for this so called password which will be completely free of internet due to attacks and phishing to be on a safer side.

however, i would like to add this avoid the use of that remember me button, you like it! but its not advisable

I think this suggestion is not bad, and often I keep seeing about this from different people on YouTube and also in telegram groups. It is often said that you should keep changing your password after some time, this will make it difficult for hackers to hack your account, and your account will be more secure.

I rarely change the passwords of my accounts, because I am afraid of losing my passwords if I keep changing them frequently, because at this point I memorize all the passwords of all my accounts that I have been using for a long time. However, I have not faced any such problem till date, and I hope I stay safe from hackers in future, because one of the biggest obstacles for people to invest are hackers. If someone can remember their password by changing it after some time , it will be a good move for their account.

Be aware that Cloudflare ( which stays mid between you and  forum )  reads your password no matter how often you change it and how strong it is. Thus I would opt for alternative  way of forum authorization (let's say via U2F) rather than via password. Nevertheless, having a strong password which is unique for every service you use is always a best practice.

There are no need to change password very often but at least twice in a year is not bad at all. But I doubt many of us do it at all. If I am not mistaken I have changed my password when my account was hacked and since then I never thought to do so again.

You don't have to change your password frequently since nothing is wrong with it. The only moment that I change my password is whenever I notice something unusual, and maybe whenever my device is faulty and I go to fix it. After fixing it, I change my password instantly because I know someone might have access to my details, but on a normal day, I don't change my password anyhow. I know changing passwords is for security purposes, and it's not a bad idea either, but I am sure that in the process of changing passwords often, you will end up mixing things up by forgetting the most recent password that you used. If you are the type of person who always has access to your device, then it's not bad to change your password frequently.

I don't change my password always and have not experienced any kind of hack before. I do use a strong password, I don't give out my phone anyhow, and my device hardly gets faulty.

The security measure is a nice one, but it's also got its disadvantages. Changing your password can make you forget it easily, and I think that's just the main disadvantage. Also, some people who change passwords frequently, but they still get hacked. The best thing is to just use a strong password and be careful with the things you download online and the people you give your device to.

Change your password after a security breach if one happens, otherwise it's basically solid. You don't need to change a strong password every 90 days or something like that, that's just hot air from the press. It doesn't actually do anything to make you more secure. And most people can't even feasibly do that anyway since they have dozens of passwords.

I agree with you.

Strong password is important to secure an account.
It must be unique that means no password reuse.

About password brute-force, I guess you knew, but if anyone have yet known, they can read Are your passwords in the green?

If it related to crypto platform then provably hackers would try to access all possible account you have if you are been compromised by malwares if you are unconsciously so its been discourage to use the same password on different platform. But since you are fine for using that I guess you are so careful upon handling your account but for other who's still not aware the risk for doing it at least they should set up a 2FA on their accounts so that if something bad happen to one of their account all will not get affected since there is 2fa set and intruder will not have a easy access to it.

Strong password is really recommended so that we can safely say we are secured for possible brute force or other methods used by those hackers. This is been discussed for many times and good that this has topic has been brought up again to make people aware about its importance.

Does it matter? because I used the same password on different platforms, and nothing is happening to any of my accounts, although my main mail and other important platforms like this forum account have another password entirely.
I think what matters a lot is the use of a strong password that is unique and will be difficult to guess. If you use a combination of alphabets, symbols, and numbers, I am sure your password will be strong and difficult to predict.

I also adhered to the position of changing the password for some time, the consequences of which once played a cruel joke on me. Having changed the password on one site, I got distracted and forgot to archive it, after which I had to lose access to the site. But that was a long time ago, and it turns out that I often gain experience from my mistakes. Now, I don’t consider changing a rather complex and long password the right thing to do, unless a suspicion comes into my head that my device is not clean for the presence of any malware. Although I try to carefully disarm them too,

I think I will speak from experience on this particular action because I have tried out this security major before but not with forum account though, I tried it with my social media app and believe it's really stressful and you might even being the one to lose your password because of confusion on the various password, you have continually changing so I believe setting a once and for all strong password is the best way to go about everything concerning your account security.

My main email account never was compromised. I just change its password One week ago, before that i change it in 2012  (More than 11 years without change the password)

The main advantage is that i use a different password for each service that holds important informacion (email,financial services and forums) always different and strongs passwords.

One week ago i publish this topic: passwordstore an open source password manager

This is important.

It is a very common mistake by many people, using a same password for every accounts they have.

Passwords must be always unique and randomly generated. If you don't use random passwords, you can fall into your favorite style with similar patterns for your passwords.

Are your passwords in the green?
Have your email been pwned?

Some password generators and managers in Security and Privacy Encyclopedia.

This account has already been hacked a couple of years ago and I regained it back. I think the big problem is that I'm using the same password on every sites and same username too. So one site was hacked and now the hacker can steal all your information that has the same username and password.

So if you guys had same password different sites CHANGE IT NOW you can generate and save password by using password manager like Bitwarden

Don't find it stupid since hacking issue really happen how ever you think your password is so secured.

Remember the incident happen to harizen? https://bitcointalksearch.org/topic/harizen-ban-appeal-5469221 he didn't even know why he got hack and hacker messed up his account by posting malware here.

And also same goes with other people who post the same experience on his thread.

So its really not a stupid idea to change your password but rather it make your account more secured. Also as suggested always use strong password to avoid this issue.

Before I select a password, I make sure that it's usually a combination of a lower case, upper case, number, and a special character attached. I set a strong password that can last for a long time without me having any need to change it. I only change my password when I feel it's been leaked or that I have been compromised. For instance, if I visit any site where I doubt its security or feel that someone I granted access to my phone knows my password, I can change it. Again, if I lose my device, I will change my password. There are some reasons that can make me change my password, but other than that, I will not just be changing my password so often.

Changing passwords is often advised in other to prevent one from being exposed to a data breach or an unforeseen issue that may have exposed the account information to hack.
I personally don't like changing passwords more often because I have forgotten some passwords through it. I only change my password now only when I feel something strange with my account.

Changing your password every now and then doesn't save you from account being hacked but chosing a strong password with multiple alphabet will save you the stress for once but for security reasons if you notice any attempt by hackers to hack your account, you have no other option than to change your password as often as possible to avoid lost of account. Personally I have not experienced account hack since joining the forum and I remember changing my password once when I turned full member because I felt my previous password was not strong enough and can easily be accessible to hackers.

I personally don't believe it's necessary to change my forum password because I'm concerned that if I forget the new password, recovering my account might be difficult and time-consuming. Unlike a Google account, where password recovery is instant due to the linked contact number, forum  lack this feature.

To safeguard my password from being hacked, I take precautions by avoiding unnecessary downloads that could potentially infect my computer and refraining from clicking on untrusted links that might lead to password loss.

It's also important to remain vigilant about fake Bitcointalk websites. While I'm not certain if they still exist, I prefer not to open them in my browser. This topic has been discussed here before.

https://bitcointalksearch.org/topic/list-of-scam-fake-bitcointalk-sites-5130480
https://bitcointalksearch.org/topic/fake-bitcointalk-forum-site-5141187

I really do not see the reason to be changing passwords every now and then. I think persons who do this are fond of login into their accounts using other person's devices, so they change their password frequently as a way of minimizing the risk of having their accounts being compromised.

I set my passwords using a strong character combination, I use different password for my account, emails and other websites I signed up. I also save my passwords on password manager to reduce the chances of forgetting them.

It is a matter of choice, anyone can choose to change their password how often they feel, as long as they can't forget it or write it out on paper.

No. Changing of password is something I don't usually find a reason to do though, due to the fact I have a strong unique password I always apply whenever opening any online account.

To avoid any of my online accounts being compromised,  ​I avoid giving strangers my phone, having my password stored on my phone, and locking all the browsers I used to log in to any of my online accounts. Doing that makes me feel a bit safe.

It never a crime to change password but if you have password that involves alphabet, number, and characters all means together it will be very difficult to hack, if someone constantly changing password he will end up forgetting it because we due register so many things online which if we don't have a unique password to cover all that you will end up losing everything, I believe each an everyone of us have an unique number that everyone like and we can not forget it. I'm not going against changing password but if we can have one password for all our registration is better because there so many things we do register which we will even forget that we have an account with them until we come across it and like to register again and the response will be the user is already a member, then if you are the type that have one password you will have access to your account.

Well, I don't want to be hacked, and I wanted to do everything that could save my account. To my knowledge, the best practice might be to come up with a solid hexadecimal password for the forum, and it would be great if we let Google Password Manager choose a password for us. I don't know for sure whether it works for this forum or not.

After selecting a solid password, we should not try to make our email public to anyone. This is the email we used to sign up here. I suggest never using that email anywhere else, whether you are taking part in some airdrop, doing some tasks to make extra bucks, or making an account on a centralised exchange. Do not connect that email with any of the third-party services.

After that, stake your account here, and even if your account gets hacked, you can retire it. But many people might have lost access to their accounts due to some of the mistakes they might have made unintentionally, like becoming victims of phishing links. We should not change passwords frequently, and I agree with that.

As long as the password is really long and obviously not

abcdefghi9876543210

you really do not need to switch it very much.

One of the most things that makes some users change their passwords is when they experience any suspicious activity on their account, so I don't think that it's a crime for someone to change his/her password and, again, sometimes, people do easily forget things, more especially those that occupy have enough of things that occupied their heads.
The reason why I don't see any problems with users that change their passwords frequently is because if they don't change them they might get hacked more, mostly those that observe some suspicious activities.

It's not. Now and then websites get hacked. Months or even years afterwards somebody may try to use your credentials. If you change that often enough, you won. At least this is the theory.
Even BTT was hacked once in the past.


How often people change password is easy to see on bpip webby, so all I'll answer here is that I change it way less often than I should.
And no, my BTT account was not hacked, as far as I am aware.


Having a bitcoin address stacked for recovery is a must. The most important measure.
But this can help too avoid nasty surprises, so it worth doing that now and then. Better safe than sorry.

The problem is never the strong passwords because from your side security can be airtight and all the basics of ensuring that no unauthorised person gets access to your stuff can be put in place like no clicking unknown clicks, no use of VPNs, use a device strictly for x purposes etc, but the problem comes in when you use password managers which history has shown that they do get hacked and data leaks out, it could be a database breach which is another reason why we are advised to change passwords regularly as this information isn't always shared with its users which is why it's good practice to just change passwords regularly

Was never a fan of changing passwords , not until someone tried to ghost me with a loan in my name, and ever since I try to give myself a surviving chance against such by changing passwords..

I have not changed my password ever since I registered on this forum. This is because I have not seen any reason for me to do that. The only time I might consider doing this is if I get any form of suspicious login in my account without my authorization, then I will be forced to change my password before things get out of hand.
 
Another case where I will also think of changing my password is if I mistakenly use the same password as that of my forum password on another platform, and if the platform happens to have a data bridge that I suspect my data is not secured, I will have to change everything that I have used that password for. But for the most part, I still use one password for one site for security reasons.
 
 
About what I think regarding that recommendation, I think this varies based on individuals. If you have a strong password, that is good for you, and if you are not the type to log in to your account on any device you come across, that is good for you as well. You might not need to change the password, but some people just like changing their password for security reasons, according to them.

Some user here in the forum didn't change thier password but some users  are change thier password because of security and also they change thier password cause the reason of they don't want to forget cause if your account was login in one device  for s long time there's a chance that you've forgot the password unless you have copy of your password. But anyways it's up to the owners if they will change thier password or not.

If I am not mistakenly since my signed up here I have never changed my password because my account security is strong enough to last for as many years I feels like without changing since I don't use that password for another thing or even trying to use this same password to sign up other things. There's no need to change password because sometimes changing password easily attracts attention to yourself because lots of people would suspect account has already changed hands or being sold out in my suggestion if you already had a solid and strong password then no need to start littering your profile in the name of choosing a strong security password.

These two combinations are your key to securing your account on all the sites you're in, a very strong password, and making sure that your device is clean from being infected if there's an authentication like a text and a 2FA on the site you're using then, by all means, use it.

Always secure your workstation and make sure no one will use the computer that you're using, when you value something you should know how to properly secure it.
So far I have not changed my passwords for over a year on all the sites I'm in, except when the site asks me to do it for their their updates.

I’m not changing my password frequently due my laziness but I don’t find it as useless habit since it can help you to maintain your account security in case you didn’t know that you login your device on unsecured device or being phish unknowingly since many high wrong user here got their account rank without being notice even though they are still active here.

If you are not clicking any random link or login using unsecured device then I guess your account will be safe without changing password frequently. But who knows if when will unknowingly commit mistake since we are all human after all.

No! I don't change my password often and I have not been hacked before. Not even in this forum or any other platform before.


Changing password often can cause me to forget my password. Not that I will completely forget the password but I might make several attempts before getting the right one. I always find it surprising whenever someone say that they forgot their password. Unless I wasn't the one that set the password, I don't think I will forget it because I have a pattern I use for my password and they're unique to each sites. Making changes in the password will get me confused in the long run. When your password is strong enough that can not guess, then I don't see much effect on changing it.

If you are someone who frequently changes devices, it might be better to regularly change your password. I mean there are some people who also often save their passwords in the browser which is not recommended. If something requires you to sell your device or you replace your device and your old device changes hands, that could be dangerous. especially for those who access it from devices such as smartphones. if we lose the smartphone it can also be bad. and I don't think there's a problem with changing the password.

I also changed the password once when I had to change devices. it's just a precaution.

If you suspect that your device/account has been compromised, changing your passwords immediately is a must, but there is no need to change your passwords periodically for no reason, so long as you set a strong and unique passwords from the outset.
Changing your password does not give extra security, except you are changing from a weak/overused one to a strong and unique password, but if they are both strong then it is the same security. I think one should just set a strong password and then ensure that they do not do things that would get their device compromised.

As long as you can sign a message from your address, you're fine.

Changing password or not,  it's up to personal choice. You can say your password is already strong and wouldn't be hacked, but someone can say it's better to change your password once a year for extra security.

I'm not changing my password because I'm lazy lol.

If it is not about forum account password, this thread does not belong to Meta board that is for forum related issues.

You have two options to move it: Beginners & Help; and Off-topic. I saw many topics about security moved to Off-topic.

Only strong password is not enough because there are still other ways our password could ne compromised. If your browser saved accounts password automatically and you Gmail account compromised then hacker will easily access to your account. malware attack which copy all your keystroke could also leads to password leak. there will be more way which we don't know yet but I think we shouldn't called this term as a stupid as many big exchanges like Binance also recommend to do so


No, I am rarely do this and still I have not faced any hacking btt account single time. my pc was Hacked and my wallet phrases compromised along with all social accounts and exchanges but so lucky that hackers didn't access to my BTT account. I think hacker don't know the value of Bitcointalk account and was targeting only wallets.

I do not change my password often and have never been hacked.

I do not think people need to change their passwords at all if you chose a secure mix of characters. You just need to have a secure back up for it. The only upside to changing your password could be to log out any unauthorized access to your account. A hacker can get your email and password and be accessing your account with you without changing anything, if you change your password, they will be logged out.

You should not rely on memory to remember sensitive passwords and other information. Backing up different passwords at different times can also get confusing, other than that, it is a safe process and could provide more security.

- Jay -

You can use password managers, so you only have to remember one password.

Your comment was motivation behind this post, nonetheless, I have read articles and tweets recommending this and my local banks forcing this measure.

@tranthidung it isn't exactly forum related question, although its posted in meta.

Yes, that's the kind of mindset that will definitely make the hackers work much easier but that doesn't mean that not changing passwords often is a wrong thing too, if you're like me who sets the computer environment in a way that is really difficult for hackers to get into then you're good with not changing passwords but if you are the kind that's carelessly clicking on links sent by unknown senders in your email or messaging apps then you can benefit from changing passwords frequently although it's hopeless as most hackers will just install a keylogger and their work on you is already done.

No, I do not change passwords often. I have been hacked before but it was long ago. My ETH wallet was hacked as well which is why I stake my Bitcoin address in the forum. Since then I have started using stronger passwords and always use a mixture of special characters, numbers, capital letters, and small letters. There is a chance of forgetting the new password as well. I have seen people changing their Android device pattern lock too many times and they had to reset the device because they forgot what pattern they have used. If you change your password too many times, you will get confused with too many passwords and won't be able to remember which one was the correct one.

It's for security recommendations so i won't call it stupid for being cautious, or having the idea to make your account secured. Actually getting hacked is more stupid than changing passwords.

May I ask you, who advised that?

As far as I know, forum does not recommend it.
It is the forum advise that you will see at your profile page, Account related settings. No point about changing password frequently.

I know some platforms, applications recommend it or even force their users to do it after a while like 6 months. However, it is non sense if a person changes from a weak password to a new weak password that only has some minor difference at the end.

Changing from "mypassword@2022" to "mypassword@2023" does not improve security.

I am admittedly no cybersecurity expert, but I think it's dumb, dumb, dumb--and when employers or various websites require that you do it, it's so goddamn annoying.

And I agree with you that (in the vast majority of cases I'd imagine) choosing a strong enough password the first time should obviate the need to keep changing it.  It always made me wonder if the requirement to periodically switching passwords increases the frequency of forgetting/losing them.  Some folks have all of their passwords written down in a single place, like a notebook or in multiple places, and I'm pretty sure that can get chaotic.

Can you imagine if every single thing you had to have a password for required that?  I think my brain would explode; this issue isn't a major pet peeve in my life, but it's one that's bugged me in the past.  Thanks for beginning my morning with some low-level aggravation, OP.  (lol)

Why asking this question? You can do whatever with your password. If you like, use a strong password and do not change it. If you like, change it periodically.

It is good to stake your bitcoin address for account ownership claiming. This is what that is most important to me.

You can backup the password on a book offline. There is also email for recovery. If you do not backup the new password, you can also forget it.

One of the reason of changing your password regularly doesn’t necessarily mean to avoid getting hack but you might also forget it. Imagine you been logged into this account for so long like a year and something happens to your device which it was logged in, there is possibility that you might have forgotten it since you don’t actually use it often. This is similar to having your accounts saved on password keyloggers too.

Also an hacker might actually be in case trying to break down your period, changing it might make it harder for him to break. Although the regular Changing doesn’t mean something like few weeks, you can make a yearly thing

It's one of recommended security measures but I find it stupid. Imo, as long as your original password is strong enough, you do not need look at it ever again.

---

Do you change your passwords often? If no, have you been hacked?

What's your opinion on this security measure?