Topics In Demand
Notification
New

No notification found.

Protect your digital identity on World Password Day with stronger credentials
Protect your digital identity on World Password Day with stronger credentials

273

1

Passwords are more than just part of our daily life. We need them for nearly everything, from entering buildings, to accessing our finances, to monitoring our health. They are the key to all device activity, play a crucial role in protecting our private data, and should not be taken lightly. However, many individuals still use weak login credentials, posing significant risks to both themselves and to their organizations. As World Password Day approaches on 4 May this year, this is a great reminder to update your personal and professional and password security.

Weak credential management, the absence of a strong password, and a lack of employee awareness and training present significant risks for both individuals and organizations, especially as cybercriminals are continuing to capitalize on the disruption caused by the COVID-19 pandemic. In 2020, organizations rushed to give their employees remote access to business systems, and the risks of using weak passwords increased dramatically. The new paradigm of work is a prime target for data breaches as a greater number of networks are now more vulnerable and therefore easier to exploit.

To address these risks, individuals and organizations must implement good password management to become more resilient in the face of global disruption. There are several steps individuals and organizations can take to advance their digital security:

  • Refraining from making well-known character substitutions when creating a password. For example, replacing an ”s” with a ”5” or a ”$”, as cybercriminals can simply utilize password cracking technologies to use replacement characters and gain access to your systems.
  • Avoiding public Wi-Fi and ensuring a secure connection when logging in to a device or accessing a program. Cyber criminals use specialized tools to infiltrate public Wi-Fi networks and search for passwords saved on devices connected to them.
  • Not selecting “yes” when prompted to autosave a password.
  • Implementing strong password policies backed with multi-factor authentication (MFA) to keep individual access and organizational access secure. Biometrics such as touch ID, face ID, or fingerprint managers add an additional layer of security.
  • Never storing passwords on devices or in written form on a notepad. Instead, use a password manager to store them in a safe place. For example, 1Password, or Keepass.
  • Resist using a common password pattern to reduce the chance of access from an attempted password spraying attack, such as ‘Summer2023!’. A very well-known pattern is to use a common word (a company name, a season, or a city), capitalize the first letter, add a number (usually a year), and then a special character.
  • Implementing non-standard password replacements such as using ”_R” instead of ”s.” The more unique the password, the more secure the password will be.

World Password Day is a prime opportunity for all organizations and individuals to review, update, and strengthen their passwords and policies. Implementing proactive and regular employee security awareness training as part of the organizational security strategy will also help to increase the overall security posture and resilience of organizations.

 

Blog By: Mark Brown, Global Managing Director, Digital Trust Consulting, BSI


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


BSI enables people and organizations to perform better. We share knowledge, innovation and best practice to make excellence a habit – all over the world, every day.

© Copyright nasscom. All Rights Reserved.