Coming up with an effective combination of letters, numbers and symbols is an important part of cybersecurity, especially around the password used to help to keep our data and systems secure.
If we are to think a little more deeply about passwords then today is the day to do so since the first Thursday in May (May 2nd for 2024) is now established as World Password Day.
Many of us know we need to have good, strong passwords yet a large number appear not to know what makes a good password. Another problem many face is with recalling the dozens of passwords we probably need to access essential services.
To mark this event in the technology calendar, Digital Journal heard from Craig Davies, CISO at Gathid.
Davies opens by outlining why this particular day is important: “World Password Day serves as a vital reminder of the importance of proactive digital security. While strong passwords remain a foundation of protection, they alone are no longer sufficient.”
It is also important to understand the effectiveness of a chosen password against guessing or brute-force attacks.
There is more to it, however, that simply updating the complexity of the access system: “World Password Day isn’t just about changing your passwords. It’s about building a smarter, more secure approach to your digital life.”
In terms of general advice on securing passwords, Davies recommends: “Start by making unique passwords your rule of thumb and make sure you use a password manager. Any password used in multiple places creates a significant security risk, particularly if compromised.”
As to how to approach this, increased character variety is one way to boost password robustness.
Another recommendation is: “Additionally, activate multi-factor authentication (MFA) wherever possible for a crucial extra layer of protection. Opt for a dedicated authenticator app on your phone for enhanced security over SMS-based codes. And remember to never share your authentication codes.”
Another important consideration, Davies says, is to “keep an eye out for passkey login options. This emerging passwordless standard, which major companies like Google and Apple already support, replaces traditional text-based passwords with a unique digital key linked to your device, making it far tougher for hackers to crack.”
This leads Davies to conclude with: “Whenever a website offers a passkey option, make the switch for enhanced protection.”
