Info Image

Why World ‘Password’ Day Needs a Refresh

Why World ‘Password’ Day Needs a Refresh Image Credit: Yastremska/Bigstockphoto.com

If you didn’t realize that the first Thursday in May was World Password Day, you’re not the only one. Intel Security officially declared it back in 2013, but apparently, even they’ve forgotten about it; the URL for the “official” World Password Day website now directs to a COVID-19 resources page. It’s just as well. Most people had never heard of this “holiday,” and those who did were probably quite confused and didn’t do anything to change their password behaviors.

While World Password Day can easily be lost within the shuffle of countless other holidays, this year’s holiday comes at a unique time in history. The COVID-19 pandemic has forced countless businesses around the world to suddenly shift to a remote workforce, presenting an opportunity for users to leverage technology to handle and mitigate the pandemic.

It’s evident this “new normal” of working from home has given people a new comfort. However, this relaxed setting has also decreased concern for proper cybersecurity practices, including effective password management. Coupled with the fact 80% of data breaches are due to stolen or compromised passwords, the question is not if, but when a company or individual will encounter a cyberattack.

While World Password Day is a passive holiday that doesn’t elicit any action, good password hygiene is important every day, especially in the new normal. Instead of celebrating World Password Day, we should practice continuous good cybersecurity hygiene, via effective password management, year-round.

Below are five reasons why World Password Day needs a refresh, and why we must take continuous action to ensure our passwords are safe.

People are suffering from password overload and weak security

The name “World Password Day” implies that businesses or consumers have only one or a small handful of passwords to keep track of. This is another antiquated notion. According to a survey by Digital Guardian, 70% of consumers have at least 10 password-protected online accounts, and 30% have “too many to count.” All of those passwords are too difficult for anyone to keep track of manually, which results in users engaging in risky practices, such as using weak passwords, reusing the same passwords across accounts, and storing passwords insecurely.

Consumer password overload and weak security is fueling business data breaches

When consumers engage in risky password management practices, such as using weak passwords and reusing passwords across personal and business accounts, they put both themselves and their employers at risk of data breaches. 70% of respondents to Keeper Security and the Ponemon Institute’s 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses report cited stolen or compromised employee passwords as a major pain point.

Password overload reduces productivity

In addition to contributing to data breaches, password overload also impacts organizational productivity as users scramble to find passwords amidst spreadsheets, sticky notes, and other inefficient tracking methods. Sometimes, they give up and ask the help desk to reset their passwords, which ties up IT personnel and takes away from time they could be using on more productive tasks.

Multi-factor authentication is just as important as strong, unique passwords for protecting against remote data breaches

It’s imperative that everyone use a strong, unique password for every online account to prevent brute-force password spraying and credential-stuffing attacks. However, strong, unique passwords are not a standalone security solution. If a password is stolen in a data breach and put up for sale on the Dark Web, how strong it is won’t matter. For this reason, it’s just as important for users to enable multi-factor authentication (2FA) on every account that supports it. With 2FA in place, even if a cybercriminal gets hold of a password, they won’t be able to access the account without the second factor.

While this year’s World Password Day may come and go, it is clear we must evolve our approach to password management for better cybersecurity. Similar to how individuals are currently taking the necessary precautions to safeguard their health, individuals need to do the same for their digital identity. Whether it’s through strong password practices or not, let’s make it a continuous goal to practice proper cybersecurity hygiene year-round.

Author

Darren Guccione is the CEO and co-founder of Keeper Security, Inc., the creator of Keeper, the world’s most popular password manager. Prior to Keeper, Darren served as an advisor to NinthDecimal (f/k/a JiWire) and as the CFO and Co-founder of Apollo Solutions, Inc.

PREVIOUS POST

Extraordinary Circumstances Bring New Meaning to 5G

NEXT POST

The Impact of the Corona Pandemic on Mobile Network Operators