World Password Day
In other cybersecurity news …
May 5 isn’t just Cinco de Mayo, it’s also World Password Day. Proper password hygiene has become critical to protect both organizations and individuals from being exploited by adversaries.
Patrick Beggs is ConnectWise‘s CISO.
“In the early days of the world wide web, you were probably able to get away with a password as simple as 12345,” he said. “Times have changed since then, but humans remain predictable. Research has found that women typically include personal names in their passwords while men often use their hobbies. And experienced hackers also know the common vowels, numbers and symbols that often appear in passwords.”
Cybersecurity breaches are at an all-time high, but there are three simple things people can all do to protect themselves, Beggs said.
“First, prioritize length over complexity, because we aren’t very good at remembering complex passwords, and longer ones are more secure,” he said. “Second, only use platforms with multifactor authentication (MFA). A password alone is not enough to protect you. And finally, never reuse. Most breaches happen when a password from one platform is used with another system that shares the same password. If you follow these three simple steps, your passwords should be strong enough to stop a determined hacker from causing damage.”
Tyler Farrar is Exabeam‘s CISO.
“Colonial Pipeline, SolarWinds, Twitch, all of these organizations have one thing in common: They suffered data breaches as a result of stolen passwords and credentials,” he said. “Credential theft has become one of the most common and effective methods cyber threat actors use to infiltrate organizations of all sizes and access sensitive data. We strongly support efforts like World Password Day that raise public awareness and can help to combat this pervasive issue. We advocate for the best practices that ensure cyber hygiene, and protect personal and professional passwords and credentials to prevent credential-based attacks from continuing.”
Corey Nachreiner is WatchGuard Technologies‘ CISO.
“World Password Day continues to serve as an annual reminder that we all need to practice better password security, and despite rumors that passwordless authentication will kill the password, I’m confident the password is here to stay for decades, necessitating this continued attention,” he said. “Attackers continue to add millions of new leaked credentials to the billions already available on various undergrounds and the dark web. This trend has continued for years now, which is why World Password Day is still important.”
The most important authentication best practice is MFA, “which is why I believe that a world MFA day would make a more powerful and effective observance to strengthening digital identities,” Nachreiner said.