Some people never change their passwords. Ever. Even if they get locked out of an account and are requested to change their passwords to protect their security, they either refuse to do so or, after changing it, immediately change it back to what it was. This action is understandable. After all, you may have your email login information saved onto your own devices, and then when you need to access your email from another computer, you may not have any idea what you changed your password to. You may either have to change your password altogether or just give up on trying to log in from a different computer. The process is enough to frustrate anyone.
However, not changing your passwords can be just as damaging as using the same password for multiple accounts. At any given time, somebody may be on the brink of deciphering one of your passwords.
Imagine that someone was able to figure out the password to your online bank account and was able to access it!
As a rule of thumb, you need to change your passwords at least every six months. Anytime you get an email suggesting that unauthorized activity may have been carried out on an account, you need to change that account’s password right away. If you must use password recovery to get into an account that you are locked out of, do not change your password into an old, previously used password.