How do you feel about password changes?

Something that practices find very disruptive are password changes. I asked our help desk what the number one call to the help desk is and in unison, they said “password changes”.

As you know, it is a HIPAA requirement to have a password policy, however you don’t need HIPAA to enforce best practices in your office. A basic policy for password changes will be every 90 days. Some stretch it to 120 or 150, but I think 90 is the best way to keep your unique user ID secure.

Why do password changes bother people so much? For a few reasons, but the number one reason is they forget what they changed it too. The second is that they like the same password for everything, and now they will have a different password. For example, they will not have a different password for Windows login, and the EMR login. Think about this for a minute…is that really what you want?

Gone are the days where you could use a basic password, like “password”. You must have a capital letter, numbers and a character. It is becoming more and more complex. Here are a few things you could do to remember your password.


1. Substitute letters for numbers. For example, use 3’s for e’s, zero’s for “o’s”, $ for and “S” and 1’s for L’s. So if you password is LOBSTER, you can make it 10b$t3r. Make sense? If you password is Mercedes, you can make your password M3rc3d3s. You don’t have to use all of the above mentioned. If your name is Sally Mae, you can use Sa11yMa3. Another thing you can do is use an @ in place of an “a”.

2. Another think you can do is add a number after your current password. For example, if you password is M3rc3d3s, you can change it to M3rc3d3s1, then M3rc3d3s11, etc.

Try some of these easy password changes. It will make your life easier, and keep you secure at the same time.