News

UK Intelligence Service Wants You to Stop Changing Your Passwords

It is common advice: “change your passwords often!” The practice is designed to maintain the security of your online accounts, but UK intelligence service GCHQ has, surprisingly, branded the practice counter-intuitive. To coincide with World Password Day yesterday, GCHQ’s Communications-Electronics Security Group (CESG) released a report, entitled Password Guidance: Simplifying Your Approach [PDF], which advises users against resetting their passwords.

“The abundance of sites and services that require passwords means users have to follow an impossible set of password rules in order to ‘stay secure’,” Writes Ciaran Martin, Director General for Cyber Security at GCHQ, writes in the guide’s introduction. “Worse still, the rules – even if followed – don’t necessarily make your system more secure. Complex passwords do not usually frustrate attackers, yet they make daily life much harder for users. They create cost, cause delays, and may force users to adopt workarounds or non-secure alternatives that increase risk.”

“The problem is that this doesn’t take into account the inconvenience to users – the ‘usability costs’ – of forcing users to frequently change their passwords,” the report says. “While we can manage this for a handful of passwords, we can’t do this for the dozens of passwords we now use in our online lives.”

As an alternative to frequent password resets, and increasingly complex and difficult to remember new passwords, CESG instead recommends using tools that allow users to track their logins to detect any unauthorised access to their accounts. That advice, though, is focused more toward website administrators than users themselves.

“Initiatives such as this are far more likely to help keep systems safe, and much more manageable for the user,” according to CESG.

Image courtesy of WikiMedia.

Ashley Allen

Disqus Comments Loading...

Recent Posts

BenQ MOBIUZ EX2710Q 27″ QHD 165Hz 1ms, HDRi IPS Gaming Monitor

SpeakersSpeakersYesSpeaker amount and power output2x 2 WattDimensionsLength / Depth252.5 mmWidth614 mmHeight525.8 mmWeight7.4 kgStandards / SpecificationsAdaptive…

3 hours ago

Intel Core i7-12700KF 3.60GHz Socket LGA1700 Processor

Thermal SpecificationsMax. TDP125 WCPUCPU ManufacturerIntelCPU SeriesIntel Core i7CPU Socket1700CPU ArchitectureIntel Alder Lake-SCPU Cores12CPU Threads20Performance Cores8Efficiency…

3 hours ago

AOC 24B3HA2 24″ 1920×1080 VA 100Hz 1m Widescreen LED Multimedia Monitor 

AOC 24B3HA2 23.6 1920x1080 VA 100Hz 1m Widescreen LED Multimedia Monitor - Black High-performance clarity…

3 hours ago

Corsair Hydro Series iCUE Link H115i RGB Performance Liquid CPU Cooler

Fan SpecificationsFan Size140 mmColourPrimary ColourBlackSecondary ColourWhiteMaterialsMaterialsAluminium, Copper, RubberLightingLightingYesLighting ColourRGBLighting CompatibilityCorsair iCUEAdditional ContentsIncluded fans2x 140 mmTypeCPU…

3 hours ago

Philips Evnia 34″ 34M2C6500/00 3440×1440 QD-OLED 175Hz 1ms FreeSync Curved Ultrawide Gaming Monitor

This monitor is built with features that make incredible visuals. With VESA ClearMR 9000 and…

3 hours ago

Asus Radeon RX 7900 XTX TUF OC 24GB GDDR6 PCI-Express Graphics Card

The AMD RDNA™ 3 Architecture elevated by buffed cooling and power delivery to effortlessly churn…

3 hours ago