Strong, Unique Passwords: The Front Line of Cybersecurity
Today, World Password Day, encourages users to #LayerUp.
![Happy password day Happy password day](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltc5d5a0e8b02fde6e/652458ee7c8a4777ed910185/Happy-Password-Day.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
“The ideal password is at least 10 characters long and contains a random string of letters, numbers and symbols,” said Dashlane’s Schalit. “A long and complicated password ensures that hackers won’t have an easy time cracking your account.”
“This ensures that if one account is breached your other accounts remain secure,” said Dashlane’s Schalit.
“Too-frequent password rotation causes problems,” said Hal Lonas, Webroot’s CTO. “People tend to use easier-to-guess passwords if you force them to change too frequently. So requiring a password change every 30 days can actually cause more problems and not enhance security.”
“Identity theft is one of the world’s fastest growing crimes, but adding strong authentication to your password can prevent it,” says the World Password Day website. “Whether you’re protecting your bank account, your email or your social media, put the brakes on ID theft by layering up!”
“Simple stand-alone passwords may be easy to remember, easy to use and work across many environments, but they are also easy to guess, easy to phish and easy to compromise,” said Tim Brown, vice president of security at SolarWinds MSP. “Password managers have done a great job enabling us to use complex passwords while eliminating the need for us to remember them.”
“A password manager keeps you regimented by not using the same passwords too often and makes sure you change your password often,” said Charlie Tomeo, Webroot’s vice president of business sales. “It requires you to be diligent about the level of security of your passwords.”
“If you have the choice between just a password or a password combined with multifactor authentication, always choose the latter,” said SolarWinds MSP’s Brown. “A little bit of disruption every time you log in is well worth the security it provides. Over time, multifactor authentication should be regarded as a necessary security requirement for anything that today requires a password, not as an added extra.”
“You should always go to the next step beyond complex passwords with multifactor authentication or conditional access, especially for sensitive environments,” Brown said.
“If you have the choice between just a password or a password combined with multifactor authentication, always choose the latter,” said SolarWinds MSP’s Brown. “A little bit of disruption every time you log in is well worth the security it provides. Over time, multifactor authentication should be regarded as a necessary security requirement for anything that today requires a password, not as an added extra.”
“You should always go to the next step beyond complex passwords with multifactor authentication or conditional access, especially for sensitive environments,” Brown said.
Strong, unique passwords are vital to individual and enterprise online security.
Each year, the first Thursday of May is World Password Day. It was created by Intel in 2013 to raise public awareness of the critical need for using strong, unique passwords. But seven years later, the need is still there and perhaps even more critical than ever.
Countless employees working from home right now. And the frightening truth is that there’s nothing standing between many companies’ essential data and determined hackers except passwords such as “password123” and “PuppyToes4.”
WatchGuard’s Corey Nachreiner
“It is somewhat surprising and depressing that we still need a special day to get the message across,” said Corey Nachreiner, CTO at WatchGuard Technologies. “But the truth is that passwords still play a big part in our lives. And with many millions of us currently working from home and hackers working overtime to take advantage of COVID-19, strong authentication is more important than ever. In the office you can physically check on people but when everyone is remote, their digital login is all you have.”
“The chances are that home workers are repeatedly authenticating to many online and cloud-based corporate resources but from less secure and trusted networks,” he said. “This makes the hacker’s job at sniffing out or stealing credentials a little easier.”
Dashlane’s Emmanuel Schalit
“There are obvious security risks mounting alongside the increase in remote work we’re seeing due to COVID-19,” said Dashlane co-founder and CEO Emmanuel Schalit. “Many employees that rely on their companies’ security measures for workplace devices are now using their personal devices to conduct business. This leaves individuals and companies much more vulnerable to online risk. It’s so important for consumers to take online safety into their own hands — whether they are on their devices for work or personal use.”
A Critical Security Risk
One critical security risk surrounding the current work from home situation is that many people tend to use the same password on multiple sites. That means if it is broken, several sites could be at risk. In a Webroot survey released last month, 49% of respondents said they use the same password across multiple accounts.
According to the LastPass Psychology of Passwords Report, 91% of people know password reuse is insecure, yet two-thirds do it anyway. Half of respondents hadn’t changed their passwords in over the past 12 months even after hearing about a breach in the news.
“It’s particularly important for MSPs to ensure their clients exercise good password security hygiene and implement strong, unique password requirements,” said a Webroot spokesperson. “Weak passwords can lead to breaches of client data and reflect poorly on the security solutions in place, even if they weren’t to blame.
Help With Password Management
In recognition of World Password Day, KnowBe4 has launched a new kit to help people strengthen and improve their password management. The KnowBe4 Password Kit is available to anyone who is looking to learn more about password best practices. It includes a complex password guide, a video by security consultant Kevin Mitnik on how easily a password can be cracked and KnowBe4’s complimentary Password Exposure Test.
Scroll through the gallery above for more tips from cybersecurity pros on creating strong, unique passwords.
Read more about:
MSPsAbout the Author(s)
You May Also Like