Google recommends changing passwords twice a year

Change your password twice a year and never use your old password again. It is one of 18 basic security tips Google has just launched to help Internet users more secure.

When most users are now cautious with junk email, cybercriminals have shifted their focus to popular web services such as Gmail, Facebook, Yahoo and Hotmail. They break into accounts and then send their spam to the victim's addresses in the hope that the spam will be more effective because they come from friends. "People often respond to messages coming from people they know," said Andrew Brandt, a researcher with Webroot, a security firm.

Spam messages sent from hijacked accounts may contain links to fake pharmaceutical sites or websites impersonating reputable organizations to trick personal information. In addition, hackers can use it to trick money. A fairly common game but still effective is that criminals pretend to be stuck in a certain country and ask their victims to send money.

Victims often do not know their accounts have been hijacked by hackers, but according to Google there are many ways for this to happen. Users' names and passwords are often stolen during phishing attacks or through software that records what users type on the computer. Sometimes cybercriminals attack websites that link to Google accounts.'If the site is hacked and your login information is discovered by them, attackers can easily access your Google account,' said Priya Nayak, Google's security expert.

Besides, hackers can guess or detect passwords. 'You use easy-to-guess passwords like using your name and date of birth (laural1980) or you give answers to secret questions that are too common and easy to guess, such as' pizza 'to the question' Favorite food what are you? ' wrote Priya Nayak.

Changing passwords and using unpredictable passwords can hinder many hacker tricks.

Webroot security expert Andrew Brandt said Google's twice-yearly change of password advice is reasonable. He thinks that all Internet users should change their passwords more often if possible. 'I change my password at least 4 times a year but I am a security expert and use password management software to generate passwords and remind me to change'.

Andrew Brandt uses password management software integrated into Webroot's commercial security software but also has many similar free software. LastPass and Keepass are two popular options.

In addition to changing passwords, Google believes that users should use different passwords for important accounts, including those who use password management software.

'Online accounts that share passwords are like dominoes,' wrote Priya Nayak. 'When it falls, it will also pull other things down. That's why you should choose unique passwords for important accounts like Gmail, banks, e-commerce sites and social networks. '