World Password Day is a day, falling on the first Thursday in May each year, designed to remind people to improve each and every one of their passwords. This remains an important consideration, given the levels of global cybercrime. As Digital Journal reported, the U.K.’s National Cyber Security Centre (NCSC) recently examined passwords and this analysis found that the password used by the majority of people who have had their on-line security compromised in someway is notable in its simplicity and is easily hacked, being “123456.” The review also found that a range of other popular passwords were very easy to hack.
READ MORE: New analysis of passwords reveals too many that are easy to crack
Various other reviews of passwords indicate that the majority of people still regard passwords as an inconvenience, choosing one that is easy to remember and use on multiple accounts. The concern for users of computerized systems is that if it’s that if a password is relatively easy to remember, it’s probably equally as easy for somebody else to guess. Furthermore, if the password exists on multiple accounts then one hack can lead to all of the passwords to come tumbling down at once.
What can be done to improve password controls? Tom Patterson, Chief Trust Officer at Unisys tells Digital Journal that passwords can be improved by different ways of thinking about words and numbers: “Maybe it should be called National PassPHRASE day. It’s the WORD in PassWORD that is one thing holding people back.”
For advice, he suggests: “Think PassPHRASE instead and you’ll have much stronger security that’s even easier to remember”. For example: #MyHouseWith3BedroomsIsGreen”
Patterson follows on from this by saying with password basics, people should include “using a pass phrase instead of a simple word; not reusing your passwords in more than one important place; and changing your passwords every few months.”
Similar best practice advice is provided by Peter Galvin, Chief Security Officer at nCipher, who adds: “this means changing passwords frequently and using unique passwords for each site or app. Avoid using common passwords, such as your birthday or ubiquitous number sequences that even high school level bots can penetrate easily.”
