Do You Need to Change Your Passwords? Microsoft Says No, But…
Last week Microsoft once again made news for a security issue. While you may have grown used to seeing announcements on the latest patch to fix the latest security hole on Microsoft’s products like Internet Explorer, this one was a bit different. Microsoft researcher Cormac Herley released a study that sort of sounded like they were encouraging others to be lax on security. The reason, the cost of changing passwords and learning about things like phishing isn’t worth the time in terms of dollars to do so.
Hmm… sounds fishy. Herley estimates that if it takes 1 minute per day from every working adult to focus on security the cost is $15.9 billion per year. Okay that’s a lot of moola, but what’s your actual cost of spending 1 minute per day on security. Let’s say your hourly rate is $60.00. If you spend one minute a day on internet security your costing yourself $1.00. Chances are you don’t even need to spend a minute a day to have secure passwords, more likely the total task on a yearly basis would be in the hour to two hour range and that’s if you have a lot of passwords. This is certainly true if you use a secure password manager to automate the tasks you can. You probably don’t spend more than 20 minutes updating your virus protection yearly. And, in terms of avoiding phishing, you can learn all you need to know and stay up to date in 20 minutes every six months. Total yearly time cost, two hours. So it costs you $120.00 per year to not have your identity stolen, not have your bank account broken into, not have your credit cards hijacked, not have your credit rating destroyed. Want to guess how many hours any of those things are going to take to repair?
Do yourself a favor, get good anti virus protection with a firewall, get a password manager and stay up to date on the latest phishing hazards because 2 hours a year can save you endless hours of headache, no matter what Microsoft says.
“
This is a very good article, David. You make a lot of good points about the value of taking a little time to protect passwords and other info. I don’t understand how Microsoft came to the conclusion that a few minutes a week wasn’t worth the effort (maybe because it’s not THEIR loss).
I also wanted to note that the comments you made about streamlining the look of my website were very helpful. I made the revisions you suggested, and it looks better, and is easier to understand.
Yours,
Joel