How often do you change your administrator/root password?

Solution 1:

Let's do a quick calculation (and forget best practices for a moment):

Assume a timeframe of six months for an attacker to hack your system. Let's also assume that passwords are randomly chosen from a character set of size 62.


Scenario 1: You use a 9 character password for the entire six months.

Scenario 2: You use a 9 character password for the first three months, and a different 9 character password for the remaining three months.

Scenario 3: You use a 10 character password for the entire six months.


In Scenario 1, a brute force attacker hacks your account with 100% certainty, if he can do 62^9 attempts in that time.

In Scenario 2, if he can do only (62^9)/2 attempts in half the time (three months), he'll hack the account with 50% certainty. In the second half, he'll get another chance with 50% certainty. So statistically, he'll hack the account with 75% certainty.

In Scenario 3, he'll have 62^9 attempts for the entire six months. But there are 62^10 possibilities. So he'll hack the account only with 1/62 certainty, that's about 1.6%.


So if we leave all other factors out (like stolen passwords and other kinds of attacks), the recommendation would be to choose longer passwords rather than use shorter (or simpler) passwords, even if they're changed more often. Especially because in Scenario 3, there are only 10 characters to remember, while in Scenario 2, it's 18 characters.
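
The three scenarios above can be checked, and extended to more frequent rotations, with a small model. This is an added example, not part of the answer or the original page. It assumes the attacker guesses uniformly at random without repeating a guess, that the total guess budget is spread evenly across the six-month window, and that each rotation picks a fresh, independent random password; the function and constant names are this example's own.

```python
# Brute-force breach probability model for the scenarios discussed above.
# Added example, not code from the original page. Assumptions: the attacker
# guesses uniformly without repeats, spreads a fixed guess budget evenly over
# the window, and every rotation installs a fresh independent random password.
import math
from fractions import Fraction

ALPHABET = 62      # a-z, A-Z, 0-9, as in the answer
BUDGET = 62 ** 9   # attacker can try every 9-character password in six months


def keyspace(length, alphabet=ALPHABET):
    """Number of possible passwords of the given length."""
    return alphabet ** length


def breach_probability(length, periods, total_attempts=BUDGET, alphabet=ALPHABET):
    """Probability that the attacker guesses at least one password in use.

    The window is split into `periods` equal rotation intervals, each with a
    fresh random password. In one interval the attacker spends
    total_attempts / periods guesses, so that interval falls with probability
    min(1, guesses / keyspace). Intervals are independent, so the overall
    breach probability is 1 - prod(1 - p_i). Exact rational arithmetic keeps
    the 62**9-sized numbers honest (no float rounding).
    """
    if periods < 1:
        raise ValueError("need at least one password period")
    guesses = Fraction(total_attempts, periods)
    p_interval = min(Fraction(1), guesses / keyspace(length, alphabet))
    return 1 - (1 - p_interval) ** periods


def scenarios():
    """The answer's three scenarios as a name -> probability mapping."""
    return {
        "9 chars, kept 6 months": breach_probability(9, 1),   # 1
        "9 chars, rotated once": breach_probability(9, 2),    # 3/4
        "10 chars, kept 6 months": breach_probability(10, 1), # 1/62
    }


def best_rotation(length, max_periods, total_attempts=BUDGET):
    """Sweep rotation counts 1..max_periods and return (periods, probability)
    for the schedule that leaves the attacker the lowest success chance.
    This generalizes Scenario 2 to rotating more often than once."""
    return min(
        ((n, breach_probability(length, n, total_attempts))
         for n in range(1, max_periods + 1)),
        key=lambda pair: pair[1],
    )


if __name__ == "__main__":
    for name, p in scenarios().items():
        print(f"{name:26s} {float(p):7.2%}")
    n, p = best_rotation(9, 26)  # up to one rotation per week
    print(f"best 9-char schedule: {n} periods -> {float(p):.2%} "
          f"(floor 1 - 1/e = {1 - math.exp(-1):.2%})")
```

The sweep makes the answer's point sharper than its single rotation does: with the attacker's budget equal to the 9-character keyspace, the breach probability is 1 - (1 - 1/n)^n for n rotations, which decreases toward 1 - 1/e (about 63%) but never below it, whereas one extra character drops it to about 1.6%.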

Solution 2:

We're mostly Windows, and each of the admins has their own domain admin account, and we just trust one another to have strong passwords and to change them every now and then. I'm sure everyone has strong passwords because we use peer pressure to ensure they're long and have numbers and/or characters in them, but we don't change them often enough.

ADDED: By now, most people have probably heard this, but just in case. Encryption and security expert Bruce Schneier says you should have strong passwords and write them down.

Solution 3:

Although it would theoretically be much better to change passwords frequently, the let's-write-that-down-on-a-post-it factor increases exponentially as the validity period gets shorter.

If this is for private use only, why not use public key authentication and have just a good PW for your keyring?