Happy World Password Day
It seems like every year, there is a different celebratory day or month that highlights a topic. In the cybersecurity world, October is Cybersecurity Awareness Month. The awareness campaign was started in 2004 by the US Cybersecurity & Infrastructure Security Agency and National Cyber Security Alliance.
The first Thursday in May is World Password Day. Research suggests this honorary day was mentioned in 2005 by Mark Burnett. The book, Perfect Password: Selection, Protection, Authentication was entirely dedicated to passwords. One reviewer commented, “I never thought I would find a whole book about passwords to be interesting.”
Intel went on to bring the day to the mainstream in 2013. In a recent post they wrote, “Passwords have, by now, become a simple concept to grasp: they are comfortable and familiar for nearly everyone. But while their simplicity and familiarity are a strength, passwords suffer from many weaknesses as well.”
Secure Traditional Passwords
A password is a mechanism to verify the correct person is accessing the appropriate information. The concept is simple. Failure to secure this piece of information is the reason behind scores of data breaches and digital wrong-doing. A study estimated that 80% of breaches were caused by poor password management.
Here a few simple tips for password security:
- Do not reuse passwords on different accounts
- Do not share passwords
- Do not use common passwords
Improving Authentication and Security
Achieving perfect password practice is ideal. Achieving that ideal is a tall task. Circumstances make it very tempting to share a password, even though you know it is not right. The brain can only handle so many unique pieces of information. Password managers might work great in the usual browser. But if you need to enter it into a mobile app or another computer, you are password-less.
New advances that help make the password process easier and more secure include:
- Facial recognition or other biometric authentication
- Password tools that are properly installed
- Multi-factor authentication
Working with a Managed Security Service Provider (MSSP) adds another layer of security. A MSSP has a team of skilled analysts working 24×7 with the latest technology to identify signs of data breaches, fraudulent sign-in attempts, and other suspicious activity.