Tech & Innovation in Healthcare

Question: How often should we change our passwords? I can’t remember the last time our staff had to change and update their passwords.

Florida Subscriber

Answer: IT experts recommend changing your password every three months. However, if you or your organization has been a victim of a cyberattack, then you should change the password immediately.

Practicing good cyber hygiene is a proper habit for any organization to get into, whether you’re in healthcare or another industry. By using long and complex passwords for each site you visit, network you’re a part of, or email account, you’ll ensure greater security. If you’re concerned about remembering a long and complex password, consider using a password manager to securely store the unique passwords you have. Some password managers will even create a distinct password for you with the requirements listed by the website.

The National Institute of Standards and Technology (NIST) recommends using the longest password or passphrase the system allows, and the government’s Cybersecurity and Infrastructure Security Agency (CISA) agrees with NIST’s recommendations.

However, one of the biggest errors some users make when changing their password is reusing a password from a different account. Even if the password is strong, repeating it puts the new account in danger. “If attackers guess your password, they would have access to your other accounts with the same password,” CISA explains in their recommendations.