Better Password Generator

Change Password: When and How to Do It Correctly

Changing a password is an important security measure – but it is needed less often than many people believe. Current security guidelines recommend against changing passwords at fixed intervals. Instead, you should change your password deliberately when there are concrete signs of a security risk.

When Should You Change Your Password?

Change a password immediately in these situations:

  • Data breach at a service: When an online service reports that user data has been stolen
  • Suspicious account activity: When you notice unfamiliar activity in your account
  • Phishing attack: When you accidentally entered your password on a fake website
  • Shared device: When someone else had access to your device
  • Insecure old password: When your current password is short or simple

When you do NOT need to change your password: Just because a calendar interval has passed. In practice, forced changes often lead to weaker passwords (e.g., “Password1” → “Password2”).

How to Create a Strong New Password

Before changing a password, you need a new, strong one. Use the Password Generator with these settings:

  • Length: At least 16 characters
  • Character types: Enable all four (upper, lower, numbers, special characters)

Save the new password immediately in your password manager – before you use it.

Changing Passwords at Major Services

Google Account

  1. Open myaccount.google.com
  2. Click “Security” → “Password”
  3. Enter current password → Enter and confirm new password
  4. Click “Change password”

Email Password (general)

  1. Open your email provider's login area
  2. Account Settings → Security → Password
  3. Enter current + new password

Windows Password

  1. Settings → Accounts → Sign-in options
  2. “Password” → “Change”
  3. Enter current password → Set new one

Social Media Passwords (general)

Settings → Security and Privacy → Password → Change

Tip: After every password change at an important account, check whether two-factor authentication is enabled.

Common Mistakes When Changing Passwords

  • Just adding a number: “Password1” → “Password2” is not a security improvement
  • Choosing a similar variant: Attackers know these patterns
  • Writing the new password down somewhere: Store it only in an encrypted password manager
  • Keeping the old password at other services: If a password was compromised, change all identical passwords
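
The generator settings above (at least 16 characters, all four character types) and the first two mistakes in this list can be checked in code. The following Python example is added here for illustration and is not the code behind this site's Password Generator; the function names, the special-character set and the 0.8 similarity threshold are assumptions.

```python
import secrets
import string
from difflib import SequenceMatcher

# Assumption: illustrative special-character set; the page does not define one.
SPECIALS = "!#$%&*+-=?@^_"
CLASSES = (string.ascii_uppercase, string.ascii_lowercase, string.digits, SPECIALS)


def generate_password(length=16):
    """Return a random password that contains all four character types."""
    if length < 16:
        raise ValueError("use at least 16 characters")
    alphabet = "".join(CLASSES)
    while True:
        # secrets draws from the operating system's CSPRNG.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling: retry instead of forcing one character per
        # type into fixed positions, so every position stays uniformly random.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def is_variant(old, new, threshold=0.8):
    """True if `new` is only a small edit of `old` (Password1 -> Password2)."""
    # ratio() is 2 * matching characters / total characters of both strings.
    ratio = SequenceMatcher(None, old.lower(), new.lower()).ratio()
    return ratio >= threshold  # assumption: 0.8 is an illustrative cut-off


def choose_replacement(old, length=16):
    """Generate a new password that is not a near-variant of the old one."""
    while True:
        new = generate_password(length)
        if not is_variant(old, new):
            return new


if __name__ == "__main__":
    # Constructed sample values taken from the examples in the text.
    print(is_variant("Password1", "Password2"))
    print(choose_replacement("Password1"))
```

A similarity check like `is_variant` only catches the increment pattern; it does not replace storing a fresh random password in the password manager.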

Frequently Asked Questions