GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

By Chad Cragle

We celebrated World Password Day on May 6, 2021.

Related: Credential stuffing fuels account takeovers

Did you know that this unconventional celebration got its start in 2013, and that it’s now an official holiday on the annual calendar? Every year, the first Thursday in May serves as a reminder for us to take control of our personal password strategies.

Passwords are now an expected and typical part of our data-driven online lives. In today’s digital culture, it’s not unusual to need a password for everything—from accessing your smartphone, to signing into your remote workspace, to checking your bank statements, and more. We’ve all grown used to entering passwords dozens of times per day, and because of this, we often take passwords for granted and forget how crucial they are.

With that in mind, what steps can you take to ensure that your personal data is protected at all times? As a data-driven, security-focused company, we’ve rounded up our top tips inspired by World Password Day to help you improve your password game.

Password overhaul

We know… just the mere thought of coming up with (and remembering) yet another new password is daunting. The average person has about 100 different passwords for the various tools, apps, websites, and online services they use on a regular basis. With so many passwords to keep track of, those familiar “Update Password” prompts tend to get bothersome.

But, unfortunately, we live in a world of constant hacking attempts and security breaches. While changing passwords may be inconvenient at times, following this password best practice can help prevent the following data catastrophes:

•Giving hackers easy access to your most sensitive accounts (avoid this problem by steering clear of insecure methods such as HTTP or public Wi-F

•Breaches to multiple accounts that share the same or similar passwords

•Attacks by keystroke loggers who steal common login credentials

•Stolen passwords that can lead to data leaks

Cragle

Although it requires time and patience, password protection is one of the most important things you can do to safeguard your personal, professional, and sensitive data. The list below includes four easy and practical tips for creating better password policies.

Use complex passwords.  There’s a reason that websites and online services provide so much direction when prompting users to create new passwords. Variation in both the complexity and length really does matter when it comes to protecting your accounts. Always incorporate both upper and lowercase letters, numbers, special characters, and symbols into each password you create.

When used in combination, complexity and length make passwords much harder to guess at random. This tactic also prevents users from relying on common phrases or personal identifiers (such as date of birth) when making new passwords. A password that contains only lowercase letters of a simple phrase is much more vulnerable than a complex combination of different characters.

Use a password manager. Password management software takes some of the brunt out of remembering the many different combinations you use around the internet. Generally, a password manager requires the creation of one master password. Then, you’ll be given the option to connect different logins that are then placed into your password “vault.”

Many password managers also encrypt passwords to create an additional layer of protection. This means that once you’re logged into the password manager, you may be able to login automatically to different websites, but the exact characters of your unique passwords aren’t always visible.

Careful storage is a must. Although it’s tempting, you should never record passwords on paper or in plain sight somewhere on your desktop (such as on a notes app). These methods are easy to spot, which makes them even easier to steal. Additionally, it’s not very difficult to lose, misplace, or throw away passwords that you store on paper.

If you ever need to share passwords or login credentials with another individual (perhaps a family member or an approved coworker), always choose a secure method. Password management software also comes in handy when you need a secure way to share passwords.

Similar to keeping passwords in plain sight is utilizing easily accessible information, such as your pet’s or children’s names, as your password. Doing this will make passwords more predictable to hackers. If you need a password that’s easy to remember, consider utilizing that information in a unique way such as replacing letters for numbers or special characters.

Use multi-factor authentication. Strong passwords make a big difference, but sometimes, additional security is necessary. Multi-factor authentication (MFA) is the process of protecting your digital password with a physical form of identification. For example, when you enter your password into an online account like Gmail, you may receive a code to your mobile phone that you’ll have to enter for an extra line of security. MFA is an effective way to prevent cybercriminals from accessing passwords via third party online systems.

Multi-factor authentication can be conducted in a variety of ways—it might include a quick fingerprint scan, a phone call, a text message, or a code. MFA adds another roadblock to accessing your account and is a simple, yet powerful way to strengthen data security.

About the essayist: Chad Cragle is director of security and compliance at FormAssembly, which supplies an all-in-one online form builder and data collection platform.

Editor’s note: This article was initially posted here.

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone