There are key times when you should change a password.

They include: 

  • After a service discloses a security incident.
  • There is evidence of unauthorized access to your account.
  • There is evidence of malware or other compromises of your device.
  • You shared access to an account with someone else and they no longer use the login.
  • You logged in to the account on a shared or public computer (such as at a library or hotel).
  • It’s been a year or more since you last changed the password, especially if you don’t have multi-factor authentication enabled.

In all these cases, updating your password is a smart precautionary step. A new password ensures that someone can’t abuse your account even if they have the old password.