We don’t really have to wait for World Password Day to be reminded about the importance of having a strong password. After all, pretty much every product and service requires signing in with login credentials, almost all of which require a password.
“Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.” – Clifford Stoll
Most of us can’t afford to wait until our businesses (or worse, customers) have sensitive information stolen.
According to Verizon, 80% of breaches happen because of password theft. So before you create that new account with the same password yet again, read on to find out just how important a strong password is and how to create one.
What is World Password Day?
Intel created World Password Day to recognize the importance of strong passwords. It falls on the first Thursday of May and was first observed in 2013.
Think how much has changed since then; every aspect of our lives is now stored online, whether that’s within social media accounts, in cloud storage, or on countless apps. That’s why you mustn’t overlook the strength of your password. While you might think you’re the first person to develop “ILOVECATS123”, hackers will guess it in seconds flat.
You’ve no doubt heard that attacks can happen to anyone and even affect passwords that seem, on the face of it, to be secure or hard to guess. So why is World Password Day so important? Above all, nearly two-thirds of people who had their password stolen in a phishing attack still haven’t changed their password. Yikes.
Another goal of World Password Day is to help people understand that good password habits are an essential part of staying safe and secure in our increasingly digital world.
What makes a password weak?
Several characteristics can make a password weak and easy to guess or crack. Some of the common factors that contribute to weak passwords include:
1. Using personal info
Using your name, your date of birth, or your favorite food is a big no-no. They’re far too easy to guess (yep, even when you swap the ‘A’ in ‘tacos’ with a ‘4’). Passwords that rely on something you know, like personal information, are some of the easiest passwords to steal.
2. Using the same password on every site
We get it; it’s hard to remember dozens of passwords for each account you have access to. This is especially true for businesses and employees. However, relying on memory alone means we’re more likely to reuse the same password repeatedly. This is bad news when cybersecurity is concerned; if a hacker can guess your password once, they potentially have access to multiple accounts in one go.
3. Writing it down
Have you run out of space in your brain to store all those passwords and started relying on a spreadsheet or good old-fashioned pen and paper to jot them down? This could be a big mistake. Anyone could find or intercept that information and steal access to your data.
4. Using common phrases
Similar to using names and dates, using common phrases or strings of information is easy to remember. Think ‘123456’ or ‘qwerty’. The trouble is that hackers know millions of people will rely on easy-to-crack passwords. Most people use super simple phrases to protect the most sensitive data.
5. The most commonly used passwords
Are you one of the millions of people still using basic passwords?
NordPass published a study of passwords and these are some of the most commonly used phrases:
- ‘123456’ was used nearly 104 million times;
- ‘password’ was used over 20 million times;
- ‘qwerty’ was used over 22 million times.
Did you spot yours? Similarly, most people also liked using their own names as a password. In all these cases, an experienced hacker could crack these in under a minute.
6. Short length
Passwords that are too short are easier to crack. A good password should be at least 8 characters long.
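The weaknesses listed above can be checked mechanically before a password is accepted. The following Python sketch is an added example, not code from the original article: the function names, the leetspeak substitution table and the sample inputs are assumptions, while the three common passwords and the 8-character minimum come from the text.

```python
import re

# Most-used passwords quoted in the article (NordPass study).
COMMON_PASSWORDS = {"123456", "password", "qwerty"}
MIN_LENGTH = 8  # the article's minimum length

# Constructed table that undoes common "leetspeak" swaps such as A -> 4.
LEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "5": "s", "$": "s", "7": "t"})


def normalize(text: str) -> str:
    """Lower-case and reverse leetspeak so 't4cos' compares equal to 'tacos'."""
    return text.lower().translate(LEET)


def weaknesses(password: str, personal_info=(), used_elsewhere=()) -> list:
    """Return the article's weakness categories that apply to `password`."""
    found = []
    plain = normalize(password)
    # 1. Personal info (name, birthday, favorite food), even when disguised.
    for item in personal_info:
        token = normalize(item)
        if len(token) >= 3 and token in plain:
            found.append("personal info: " + item)
    # 2. The same password is already used on another site.
    if password in used_elsewhere:
        found.append("reused")
    # 4./5. Common phrases: also catch 'P@ssw0rd!' or 'Qwerty123' by dropping
    # trailing digits/symbols and undoing substitutions before the lookup.
    core = normalize(re.sub(r"[\d\W_]+$", "", password.lower()))
    if password.lower() in COMMON_PASSWORDS or core in COMMON_PASSWORDS:
        found.append("common password")
    # 6. Short length.
    if len(password) < MIN_LENGTH:
        found.append("too short")
    return found
```

An empty list means none of these checks fired; it does not prove the password is strong.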
Ways to create secure passwords
1. Use a password generator
You can integrate a password generator into your browser to automatically generate practically hacker-proof passwords. These generators randomly create long passwords that you can store as encrypted data, so you can say goodbye to your easy-to-guess passwords.
2. String together nonsensical phrases
It’s harder for hackers to guess passwords that don’t make much sense. Forget names and dates; think of three or more random words you can string together and you’ll automatically make a stronger password.
3. Use a mixture of characters
Usually, to create stronger passwords, you need to mix upper and lower-case letters, numbers, and special characters. That’s why many sites will now ask you to provide a password with a mixture of these.
4. Don’t change your password regularly
The recommendation of changing passwords frequently was dismissed by NIST a couple of years ago. In fact, individuals asked to change passwords frequently are much more likely to keep an old password and merely append a number, letter, or special character to the end of it. Professional hackers know this trick and are savvy enough to predict minor changes. When is the right time for you to change your password? If something or someone compromises your password and you know it. Otherwise, an annual password reset is enough.
5. Combine your password with 2FA
2FA is one of the strongest security measures! It adds an additional layer of security that can’t be guessed or predicted. Using an app like Authy to randomly generate passcodes that change every minute or a fingerprint scanner to use your biometrics makes accounts far less likely to be compromised. Moreover, we don’t recommend using software and solutions that do not have a 2FA mechanism in place.
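Tips 1 to 3 above (a generator, random words strung together, a mixture of characters) can be shown in a few lines of Python. This is an added example, not code from the original article or from any of the tools it names; the function names and the 16-word sample list are constructed for illustration, and a real passphrase generator would draw from a list of thousands of words.

```python
import math
import secrets
import string

# Constructed sample word list; far too small for real use.
WORDS = ["maple", "orbit", "cannon", "velvet", "harbor", "quartz", "pickle",
         "lantern", "tundra", "walnut", "zipper", "meadow", "cobalt", "ferret",
         "gravel", "jigsaw"]
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def random_password(length: int = 16) -> str:
    """Random password with at least one character from every class."""
    if length < len(CLASSES):
        raise ValueError("length must fit one character per class")
    alphabet = "".join(CLASSES)
    while True:
        # secrets uses the OS CSPRNG; the random module is not suitable here.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Redraw the whole password rather than patching it, so no position
        # is biased toward a particular character class.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def random_passphrase(words: int = 4, wordlist=WORDS, sep: str = "-") -> str:
    """Three or more independently chosen random words joined together."""
    if words < 3:
        raise ValueError("use at least three words")
    return sep.join(secrets.choice(wordlist) for _ in range(words))


def entropy_bits(choices: int, picks: int) -> float:
    """Bits of entropy when `picks` items are drawn uniformly from `choices`."""
    return picks * math.log2(choices)
```

`entropy_bits` makes the trade-off visible: four words from the 16-word sample list give only 16 bits, while 16 characters from the 94-symbol alphabet give about 105 bits, which is why the word list has to be large.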
Want to create hard-to-crack passwords with ease and have somewhere to store them? For security, you and your business should adopt the use of password management tools. Here are a few of our favorites.
One of the easiest-to-use password managers available, LastPass provides free and paid options to keep passwords safe. All passwords can be stored in the ‘vault’. This allows you to encrypt the data to make it almost impossible to steal. You’ll only need a master password to access all accounts (which is far easier to remember).
Plus, it has a handy inbuilt password generator that can automatically create strong passwords to your specification.
Not just a password manager, Onetimesecret is a unique site that allows you to send an encrypted message to anyone using a URL. Simply type your secret message (or your password that you don’t want anyone else to see), set an expiry date or time, and send the unique link.
III. Keeper Password Management
Keeper is regarded as one of the most secure password managers available, providing security up to the government level. They have plans to suit any sized business and even family plans for employees, plus training and role-based access to vaults so people only see the data that’s meant for them.
1Password is another well-known password manager that offers sharing capabilities. You can share passwords with team members, control access permissions, and revoke access anytime.
TeamPassword is a dedicated password-sharing tool that allows teams to share passwords securely. You can create teams, add members, and share passwords with specific team members.
When using password-sharing tools, it’s important to remember to share passwords only with trusted individuals and to regularly review and update your passwords for security purposes.
Celebrating World Password Day
In conclusion, let’s all celebrate World Password Day by creating or changing our passwords in a safer way!
Remember to use strong, unique passwords for each account and change them regularly. This will help prevent unauthorized access and protect your sensitive information.