Study: Password changes are a waste of time

Monday - 4/19/2010, 5:01pm EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Jane Norris (6-10 a.m.) and The Daily Debrief with Chris Dorobek and Amy Morris (3-7 p.m.). Listen live at or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • Think for a second: How many different passwords have you used today? A new study has concluded what you have been thinking. Changing those passwords, keeping dozens of them in your head for shopping, banking, or logging on at work -- all of it is a waste of time. The Boston Globe reports that a principal researcher for Microsoft Research finds that redoing those passwords regularly just doesn't help much. It's not that he thinks we should just give up on protecting our computers with passwords. He says the problem is that users are being asked to take too many steps, and more are constantly being added as new threats emerge or evolve. Security professionals have generally assumed that you can't have too much knowledge in the battle against cyber crime. But a crucial part of the equation is, how much is your time worth?

  • Virginia Congressman Randy Forbes wants a hearing to investigate the impact of cyber attacks on the U.S. Military. Forbes has sent a letter to Chairman Ike Skelton of the House Armed Services Committee requesting the hearing. He wants to focus on cyberattacks that come from other countries, like China. He says because the U.S. is so dependent upon computer systems, it appears the U.S. is losing the cyberwar. He believes threats are coming from all over the world, and the U.S. needs to ensure that the military can stand up to the cyber attacks.