by pgsandstrom 3324 days ago
Rotating passwords will only help in a very specific situation: When the password has been leaked, but you have not yet been hacked.

If someone has already gained access to the system, changing passwords is not sufficient.

If no one has gained access to the system, rotating passwords does not protect you against social engineering.

1 comments

Nicely said.

The one mod I'd suggest is:

If someone has gained access to the passwords and has not used the password yet, or was not interested in directly using the password themselves but rather on-sold it, there is a window of opportunity where rotation helps.

For example: you may be on one of the password lists being sold on the dark web. The owner of the list isn't hacking you, but those purchasing the list will some time soon.

So more specifically, you could be compromised by malware on a PC holding the password, and that password may be extracted, sold and may not be used against you for months. Rotation helps in this case, which is more common than we care to admit.