February 1 is change your password day. But don’t make it a one-time thing. Password changing should be a routine you practice regularly. Like hand-washing, or trolling Facebook. Especially ones you’ve shared.
There are all kinds of obvious times to change your password: if an account has been hacked, if mysterious charges apear on your credit cards. But there are plenty of non-obvious times as well. I mean, think of your accounts like your home: your passwords are the keys that open the doors. After your psycho ex moves out, you want to make sure you don’t come home one day to find they’ve stolen the stereo and boiled your cat. Here’s when to change the locks.
Password: Master password program
Share With: The person who will find you rotting on the floor after you die
Change When: Infrequently
You don’t have a password manager? I feel for you son. Get yourself a program like 1Password or LastPass to manage all those other passwords. And of course, you should password protect this program, too.
But as someone will need to be in physical possession of your phone or computer to break in, the password for your passwords doesn’t need to be some super-crypto bombproof Mission Impossible shit. Just pick something alphanumeric that’s hard to guess, even if someone knows things about you, but is easily remembered. If you want someone to clean up after you once you’ve shuffled off this mortal coil and let all your Minecraft friends know you won’t be around any more, give this master password to a trusted confidant.
Share with: No one
Change When: Quarterly. After logging in on a public computer.
Odds are, your personal email account is a treasure trove of potentially damaging information. If anyone ever wants to steal your identity, your money, your ideas, or even blackmail you, it’s the place to go. There is all kinds of personally identifiable information in there. And because you likely use your email to log into other sites (hello, PayPal) it can be the key to unlocking everything else. Don’t ever give this thing out.
In fact, it’s so sensitive, that if you ever need to use it on a remote computer — like the one in a hotel lobby when you’re on holiday — you should probably change it again once your back in front of your own machine. Hell, you might even want to change it after logging in on a sketchy open Wi-Fi network. Keep it unique and memorable, and tough to crack — numbers and symbols are helpful — and if you use some sort of mnemonic scheme to remember your passwords, make an exception for email. Change it with the seasons.
Password: Pre-paid Entertainment
Share With: Everyone else in your household
Change When:Quarterly. When you move out. Or they do. Or you get pissed off because they put a bunch of Nickelback in your queue.
Look, everyone in your house shares the cable and Internet, don’t they? Share that pre-paid entertainment also. Yeah, yeah. It’s likely against the rules you agreed to. But screw that. Unless everyone needs to be watching, listening and/or reading concurrently, one account will do for the whole house. You can all split the bill. But face it: your room mates are probably kind of deadbeats. Or at least freeloaders. Otherwise, they’d have their own place. And as soon as someone moves out, you know they’re taking that login with them to the next place because, hey, free TV, right? They’re also probably password-promiscuous. Your roomie’s girlfriend is probably watching something from your queue right now. The least you can do is to kneecap the hangers on by swapping it out a few times a year.
Password: Online Shopping and A La Carte Entertainment
Share With: Immediate Family
Change When: Bi-Annually. When someone maxes out your credit card.
If you don’t want a bunch of bills coming from the same place, let the members of your family, longterm significant other, or anyone else you trust to spend your money, have this one. That’s especially true if you’re talking about DRM entertainment that everyone is going to share. Multiple Apple accounts can screw an iTunes Library right up.
But don’t be a sucker. If your kid is running up the bills, swap that lock. You also just want to change these financially-dangerous passwords periodically too, for no reason other than security. Change it with your smoke detector batteries when daylight savings time swaps.
Password: Personal social media accounts
Share With: Nobody
Change When: Some jerk gets your password
Do you want some jerk impersonating you on Twitter, or scamming your friends out of money on Facebook? Hell no. If someone asks you for this, don’t give it to them.
If you log into a social media account on someone else’s machine, make sure to log out again and change your password later. And never, ever give it to third-party apps that want to use it for identity verification. Twitter, Facebook, and Google all make it easy to verify your account without having to give that password up. So only use this password to log into social media sites themselves, don’t give it out to third-party sites requesting access.
User Manual is Gizmodo’s guide to etiquette.