Keeping cyber secure this World Password Day 2022
How can you keep cyber secure this World Password Day? Industry experts share their views on keeping cyber safe with Electronic Specifier.
Rarely does a day go by where we don't hear of another company being breached, making user credentials available to anyone willing to pay what equates to a pittance.
According to research, 65% of users still use the same or a similar password for multiple accounts, with many users unaware of the risks when using the same passwords for work and private accounts.
Steve Bradford, Senior VP EMEA at SailPoint said: “Passwords will remain central to login verifications online for years to come, so this World Password Day, it’s important to make sure we’re taking the right steps to keep these secure and robust.
“That means perfecting the basics – using a unique combination of letters, symbols and numbers so that passwords aren’t easy to guess and refraining from using the same password across multiple accounts.”
As hard as that is to realise, it’s even more alarming to see that the most used passwords rarely change despite the industry galvanising around their importance.
CEO of LastPass, Karim Toubba, reflects on why passwords are often at the forefront of cyberattacks and why now is the time to take stock of online habits to ensure the necessary steps are taken to keep online information safe.
“Passwords – while designed to give you access to online worlds while protecting your information – are often at the forefront of cyberattacks. And while time and again we find that consumers and businesses are not taking the appropriate steps to safeguard their passwords, it is more important than ever for everyone to take their online security more seriously,” he said.
“World Password Day is an important moment to take stock of your online habits and ensure you take the necessary steps to keep your online information safe - especially passwords, which are your first line of defence.
“This comes clearly into focus with new data from our research team, which found consumers average nearly 18 passwords for their online accounts, with nearly three quarters of consumers noting they’ve reset their password at least once in a month because they forgot them.
“Given the frustrations that can often accompany keeping track of unique passwords for our ever-expanding digital lives, we also found that only half of respondents are confident in their passwords protecting them from a breach. Leveraging a password manager alleviates many of the pain points that accompany password hygiene while managing your logins for you – so you can get back to focusing on things that matter,” concluded Toubba.
In addition, Bradford said: “It’s certainly difficult to remember multiple passwords, especially when they’re being changed regularly. But you should resist the urge to write these down on a scrap of paper which could easily get lost – it’s a data protection taboo.
“The best and most secure way to keep track of these is to use a password manager that requires two-factor authentication.”
Should we ditch passwords?
Offering a different perspective, Sanjay Gupta, SVP and Managing Director, HooYu at Mitek, believes that as a society we should ditch passwords. Instead, our unique features, our behaviour and our voices should be the new ‘top secret’ asset for protecting our data more effectively.
Gupta said: “Passwords need to be put to rest. What once was a string of characters believed to be top secret has become every cybercriminal’s haven. World Password Day is one that needs to evolve given passwords’ vulnerability.
“Instead, we should move towards a password-less future – one that relies on our unique features such as voice, face, and fingerprints to gain digital access conveniently and securely. Besides physical biometrics, there now exist newer tools like behavioural biometrics which verifies identities by assessing their behaviour to create a unique digital fingerprint.
“However, while biometrics is the next step forward, its adoption is stalled by people’s fear and lack of understanding of the tech. Passwords have also become too ingrained into our society, making it hard to convince people to change their habits.
“The key to a password-less future starts with education. We need to help people understand how biometrics work and why it can never be stolen or misused. Passwords alone are not enough and as our youths of today demand security and speed, we need to introduce a quicker, seamless authentication option that promises protection against fraudsters.”
Making matters worse is that old school hacks persist where the bad actors use proven techniques, such as credential stuffing, to spearhead corporate and personal data breaches.
Strong password protection remains a crucial element of protecting what matters to you and the business you work for. Don't make it easy for the bad actors to use an easily cracked password. Believe it or not, hackers have also realised that ‘P@ssword123’ meets all the basic requirements for many applications. They can also easily use social engineering to find the name of your favourite pet or where you last went on holiday.
Finally, Keiron Holyome, VP UK, Ireland & Middle East, BlackBerry, shares his top three tips for remaining cyber safe:
- Be creative. But avoid references that have also been shared on social media.
- Avoid cliché substitutions (e.g. @ for a, 1 for I, 3 for E). If you know about it, so will the hacker’s computer algorithm.
- Use a password manager to simplify creating and managing difficult to crack passwords. Also, if one of your online providers notifies you of a breach, immediately change your password.
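The point about ‘P@ssword123’ and cliché substitutions can be shown as a check a signup form could run. This is an added example, not code from the article or any vendor quoted in it; the function names, the mini-blocklist and the sample passwords are constructed for illustration.

```python
import re

# Constructed mini-blocklist; a real check would load a large breached-password list.
COMMON_WORDS = ("password", "qwerty", "letmein", "welcome", "admin")

# Substitutions named in the tips (@ for a, 1 for I, 3 for E) plus three other
# well-known ones added here as an assumption (0 for o, $ and 5 for s).
LEET = str.maketrans({"@": "a", "1": "i", "3": "e", "0": "o", "$": "s", "5": "s"})


def fold(text: str) -> str:
    """Lower-case the text and undo the cliche substitutions."""
    return text.lower().translate(LEET)


def meets_composition_rules(pw: str) -> bool:
    """The usual 'basic requirements': 8+ chars, upper, lower, digit, symbol."""
    patterns = (r"[A-Z]", r"[a-z]", r"[0-9]", r"[^A-Za-z0-9]")
    return len(pw) >= 8 and all(re.search(p, pw) for p in patterns)


def predictability_reasons(pw: str, personal_terms=()) -> list:
    """Return why a password is guessable; an empty list means no finding."""
    folded = fold(pw)
    reasons = [f"contains common word '{w}'" for w in COMMON_WORDS if fold(w) in folded]
    for term in personal_terms:
        # Ignore very short terms to avoid matching by accident.
        if len(term) >= 3 and fold(term) in folded:
            reasons.append(f"contains personal reference '{term}'")
    return reasons


if __name__ == "__main__":
    # Constructed samples: (password, terms the user has shared publicly)
    samples = [
        ("P@ssword123", []),
        ("R3x-Lisbon2019!", ["Rex", "Lisbon"]),
        ("gravel-otter-plinth-mosaic", []),
    ]
    for pw, terms in samples:
        print(pw, meets_composition_rules(pw), predictability_reasons(pw, terms))
```

The first two samples pass the composition rules yet are flagged as predictable, while the random passphrase fails the composition rules and has no finding.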