The best time to change your password is now

You can reduce your chances of being hacked by regularly changing the passwords on all the accounts where you enter financial or other sensitive information. Set an automatic reminder to update passwords on your email, banking, and credit card websites every three months.

Different sites have different rules for passwords that they’ll accept, but here is some basic guidance on how to create strong passwords:

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) upper and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

Learn more about how to create strong passwords and protect your passwords.

If you think someone has gone into your account and changed your password, learn how to recover a hacked account.

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »

Join the conversation

  1. Anonymous

    And be very wary of Google+ at this time.

    Their new motto…


    One account. All of Google.

    Sign in to continue to Gmail

    I sent this to acquaintance of mine….

    "Not sure what email you use…but warning you that, since you said you didn't understand Google+ and that you were not using it….that this "message" you sent me…it actually came from your iPhone, through a Google+ account, and not through a specific email.  Please see where my email reply back to you ultimately ends up landing for you and where you read it?!   I think it may go right to your Google+ cirlces

    "NXXXXX XXXaXXXl (Google+)" <>

    date: Fri, XXX XX, 20XX at 11:XX PM

    subject: Re: i do not understand google +



    For those that can understand this header…obvious that Google now takes over all Google Accounts (Google Account, Google Places, Gmail, Google+, YouTube accounts with a gmail address…with Google+….In a way that I've never seen in the history of the internet.  

    I think more is public right now then ever.  People that signed up for a Google+  account a few years ago (and don't use it ever)  don't realize some "stuff"…as of a few weeks ago…is posting to a Google+ account of theirs.

    Gmail reply's are (in the background) changed from e-mails to google+ messages…which in turn become posts…wholly depending on old or updated permissions…that post might be or is visible to EVERYONE …including me…I could be reading your private email replies to your girlfriend…which have changed to posts…right on a Google+ account of yours.  If I can see it…imagine who else can see what?!

    Google bought YouTube and I noticed all my videos on a YouTube account I created with a gmail address all went automatically public on a Google+ account I hadn't been on in over a year, but was also associated directly or indirectly with that same gmail address.  

    Worldwide, right now, people's smartphones are updating linked chrome browser's (linked from Desktops to Mobile Device from logged in google accounts) to a point where their phone updates to versions and settings no one has seen before.

    Many are complaining they have a virus, but can't find it.

    It's Google…specifically, permissions Google granted to Google+ to override on other Google associated accounts.



    One account. All of Google.

    Sign in to continue to Gmail

    Either Google put A LOT of thought into this…(in a coordinated effort to bury Microsoft and desktop computing in favor of Google Drive…cloud computing) or certainly let loose one hell of a monster by sheer lack of forethought and due diligence.  Go to your Google+ account if you have one to see what it is showing publicly.  

    This guy had no idea Google+ was posting his "emails" to his Circles in Google+ as posts!!!

    If you see…copy and paste this to every forum on hacking, passwords, Security, Privacy, etc. Thank you.

  2. Anonymous

    How do I change password

  3. Anonymous

    please can someone tell me how I can get n my facebook account because I know my email  but forgot password need to reset but wont let me n to do it n i need a little help with it please help

  4. Anonymous

    My son No longer lives here.  And I'm paying for something I can't use.  We no longer have the old email and I'm having g trouble setting up something in my name.   This is ridiculous

  5. Anonymous

    I had security on my computer now, I cant reach google….. my computer tells me that I dont have a secure connection and that I must download an anti-virus software program in order to use the internet. Although I am able to travel to other sites, just nothing pertaining to google…? not sure why?

  6. Anonymous

    I tried to access my e-mail account and got a message yahoo says I need to change my password as someone has tried to access my account. I was told to go to Internet Explorer , Click Tools button, Click Internet options , Click the Advanced tab , then scroll down and clear the "Do not save encrypted pages to disc " option in the security settings . Also something about p********* I can't find any of this  . HELP !!!!!!!!!!!!!!!!!!!!!!!

  7. Anonymous

    I don't use Hotmail anymore because you jerks won't let me access my account while you fish for info,  trying to get me to do a little dance just to access my stuff.

    Holding my emails hostage for my own good makes Hotmail the most useless and irritating, not to mention worthless mail service.

  8. Anonymous

    I "THINKG" I just deleted GOOGLE+ because of this issue. The problem I'm having is that when I want to check my g-mail, GOOGLE automatically has my account up and ready for ANYONE to just go on and read my mail! I have e-mailed Google, over & over & over, with no response, of course. I Just deleted GOOGLE+ and was told after an HOUR OF farting around trying to find an answer (hahahahahahaha – find an answer, yeah right!) Google advised that I proceed here. No, I'm not "checked in", yes, I changed my settings, I wrote ANOTHER E-MAIL TO GOOGLE  ADVISING THEM that I KNOW that REAL HUMANS work there, stop screwing around with me and just fix it, or have A HUMAN CONTACT ME to tell me how, and now I'm here, as I was advised that MICROSOFT may have something to do with it.  IS IT POSSIBLE THAT ANY/EITHER CO, can give me a correct answer, CALL me, because I am fed up with this B,S. and ready to drop both of you!  Seems like I'm NOT THE ONLY ONE EITHER! Get it together, stop screwing around and reading everyone's stuff and HELP PEOPLE INSTEAD OF F'N AROUND WITH THEM!

  9. Anonymous

    To keep yourself secure is very hard to do! Assume any type of wireless code can be compromised. With this said there three types. Hackers, Crackers, and the baiters.

    last being the worst! Keep all security downloads up on a daily basis Try the free program

    Malwarebytes. This is Anti Malware program you use after your Norton 360 checks or what ever program you use. Run this after you run Norton.It will route out most hidden codes left behind  ! Then if you like it you can run the free software. Or buy the Pro Ver.

    Google has to many back doors and they have keeping information on everyone that used

    it. iolo System Mechanic. the best all around security tuner on the market as I have used to get rid of file cookies as well others people wont tell you about!

Comments are closed.