In an increasingly digital age, passwords are often the key to a person’s world. From social media to shopping to work, our digital information and online presence hinge on a strong password to protect our privacy and security. Weak passwords, however, can spell disaster.
“As passwords continue to be the most widely used and accepted method of authentication, poor password practices can cause great risks to organisations,” said Chern-Yue Boey, Senior Vice President for Asia-Pacific, SailPoint.
Despite the overwhelming risks of weak passwords, a 2019 study by Google found that almost 60 per cent of users still use their name or birthday in their password. Over 40 per cent have shared their password with someone.
Mr Boey added, “A good password management solution today should work in tandem with an organisation’s identity security solution while supporting applications on-premises and in the cloud. It should also empower employees with an easy and intuitive way to change or reset their passwords themselves.”
Jacqueline Jayne, Security Awareness Advocate APAC at KnowBe4, notes that there’s still “a long way to go” regarding password hygiene.
Her top tips to improve an organisation’s password security include never reusing passwords, never sharing your password with anyone else, and investing in a password manager tool.
“The average person has anywhere between 70 and 100 passwords (I have over 200), and it is simply not possible to remember them all,” she explained. “Especially when you consider that passwords need to be unique, complex, and depending on where you read it, anywhere between 8 and 20 characters.”
She also emphasises the use of multi-factor authentication (MFA) for online accounts to provide an extra layer of security to your data and changing passwords if there are any concerns that it has been compromised.
“On the web, if you think your password may have been compromised, change it at once and then check your other website accounts for misuse,” Ms Jayne advises.
Organisations are also advised to consider cybersecurity training for all employees, given they may have different technology background levels.
“None of us like passwords. They are, however, a necessary evil and will be around for a while yet,” Ms Jayne says.
How to create a strong, complex password
According to new research by NordPass, it seems business owners and high-level executives continue to take their cybersecurity for granted. The most popular password used by executives is “123456” (used over 1.1 million times), followed by “password”, “111111”, and “qwerty.”
The research also observed extensive use of names or mythical creatures in creating passwords, such as “dragon”, “monkey”, “Charlie”, “Michael”, and “Jordan.”
To help you avoid the trap of easily hackable passwords, Ms Jayne shares a helpful trick:
- Think about using a phrase or sentence with at least eight words, perhaps inspired by a song or quote, that will be easy for you to remember but hard for others to guess. Example: “I Want To Put A Dent In The Universe”
- Take the first letter of each word of your chosen phrase: IWTPADITU
- Add numbers or uppercase and lowercase letters: iWtpAD1tU
- Finally, use special characters to replace some letters or even add an extra character to the mix: : iW+pAD1tU!
READ ALSO: Q&A: Cybersecurity and how to lower the risk to your business