Don’t change your password

Possibly not the advice you were expecting from your IT support company.

After all, haven’t you been told for a long time to change your password on a regular basis?

Well, that advice changed in April. Microsoft previously advised that all passwords be changed every 60 days. Now it says that’s no longer necessary.

In fact, it called the practice “an ancient and obsolete mitigation of very low value”.


And no wonder, really. In our experience, we saw people just using different versions of the same weak password – Fluffy1, Fluffy2, Fluffy3 etc.

As cyber security experts, our advice now is to:

  1. Use a random password generator to set long passwords made up of gobbledegook characters
  2. Use a password manager to keep track of these passwords, and fill them in for you
  3. Make sure you use multi-factor authentication – where you prove it’s you by launching an app on your phone and getting a login code

These 3 simple steps alone can make a dramatic difference to the cyber security of most businesses.

Certainly a lot more than changing your password every couple of months.

Would you like us to review your current email setup and make some recommendations?

Call us on 0345 313 1483 or drop us a line at

