The Mandatory Password Change Myth

WARNING: Old man rant imminent.

With the onslaught of compromised credentials and information from multiple leaks of regularly used websites, I get that there are times when we need to change our passwords. That’s a fair expectation.

But I do take issue with big companies like Apple and Dropbox and Amazon telling me that my password that was attempted 5 times unsuccessfully isn’t any good anymore.

No. I disrespectfully disagree. It’s really good. You know how I know?

Because multiple attempts were made and they didn’t gain access!!

Let’s have a thought experiment, shall we?

Let’s pretend someone tries to break into your home. They’re attempting to unlock the front door. Every time they try a bad key, they’re forced to try a new key. But each subsequent key doesn’t work. After several hundred times, the local law enforcement (let’s pretend that’s Dropbox in this parallel) comes and forces you to change the locks to your front door (they say something along the lines of “It’s been several years since you changed your locks, and although it seems to be effective against those who are trying to break in, we want to make things so much worse for you. Sorry!”). All it will take is your time, another key that you hope you can never lose, and all the stupid hoops you have to now jump through to make sure all the family and friends you shared the OLD key with now have it, too.

If this sounds like a ludicrous and incredibly dumb thought process, then you’re right there with me and you can be angry at something that will never change, too!

Isn’t that great?

Good. Glad you agree with me. Now get off my lawn.
