Mark Burnett first encouraged people to have a ‘password day’ in his book Perfect Passwords released in 2005. In spirit of that suggestion, Intel Security announced in 2013 that the first Thursday of every May would be observed as World Password Day, and ever since, Cyber security professionals have used the day as a reminder of the paramount importance of passwords in securing and protecting our digital identities.
The day is dedicated to spreading awareness about better password practices and protecting the integral security measure of one’s online behaviours.
Why Do Strong Passwords Matter for Data Security and Privacy?
Unauthorised access is a potentially major problem for anyone who uses a computer or high-tech devices such as smartphones or tablets. The consequences for victims of these break-ins can include the loss of valuable data such as presentations, emails, and music.
Victims may also have their bank account information, money, or even their identity stolen. Moreover, unauthorised users may use someone else's computer to break the law, which could put the victim in legal trouble. A strong password provides essential protection from financial fraud and identity theft.
One of the most common ways that hackers break into computers is by guessing passwords. Simple and commonly used passwords enable intruders to easily gain access and control of a computing device.
Conversely, a password that is difficult to guess makes it prohibitively difficult for common hackers to break into a machine and will force them to look for another target. The more difficult the password, the lower the likelihood that one's computer will fall victim to an unwanted intrusion.
Risks of Weak Passwords: Cyber security threats are escalating, exploiting weak passwords to gain easy access to personal and corporate data. According to Verizon Data Breach Investigations Report, approximately 50 per cent of data breaches involve weak or stolen passwords. These incidents can lead to financial loss, identity theft, and severe reputational damage for companies.
What are the Characteristics of Strong Passwords?: Increasing your privacy security through careful password management doesn’t need to be complex. Here are a few guidelines to enhance password security:
- Complexity and Length: Combine uppercase and lowercase letters, numbers, and symbols to create complex passwords. Aim for at least 12 characters to make them harder to crack.
- Variability: Use different passwords for different accounts to prevent a single breach from compromising all your digital assets.
- Renewal: Change passwords regularly to limit the damage potential of stolen data.
- Unpredictability: Avoid common words, simple substitutions, and personal information that can be easily guessed or obtained from social profiles.
Using Password Managers: Password managers are helpful when managing multiple accounts as they can store and encrypt passwords, generate strong random passwords, and even automate password changes, simplifying security without sacrificing strength.
The Role of Multi-Factor Authentication (MFA): Adding MFA introduces another layer of security. By requiring a second form of verification, MFA significantly lowers the risk of account breaches, even if a password is compromised. Protect your privacy and self by taking some time to update your passwords. Avoid pet or family names, important dates, and other identifying information.
Information sharing and security issues: Thanks to modern technology, computing devices come in many different forms, such as desktop machines, laptops, smartphones, music players, and tablets. Any one of these devices may connect with other computing devices and share information, and in many cases, they may also connect with banks to conduct financial transactions.
All of these machines are potentially vulnerable to misuse by unauthorised users, and therefore, users should always protect them with passwords. Passwords are a means by which a user proves that they are authorised to use a computing device. A single device may have multiple users, each with their own password.
Passwords are not unlike a lock-and-key system, in which only the right key will enable a person to have access. The difference is that each person has a different key for the same door.
Some computing devices, such as desktop computers and laptops, also have a management-level user, or "superuser," who has the ability to control other users and modify the computing devices software, among other things. This superuser account is also known as the "root" or "administrator" account. This is important to know because while hackers will try to acquire any password they can get, they will generally try to guess the superuser password first, as it gives them the most control over a device.
Mobile devices security: On mobile devices, a PIN or pass code is also needed. This is like a password for a computer, but it may have a minimum of four characters or digits and be something that is not personal or easily guessed. Pass codes for devices should also be set to time out after a short period of time.
Upon timing out, the code will then need to be re-entered. Ideally, the timeout should occur in no more than 20 minutes, although shorter periods between time-outs are best.
From passwords to passkeys: Entering a new era in Cyber security: Passwords have long been the most popular way of authentication for decades, but they are not without flaws. They are vulnerable to cyber dangers due to password repetition and difficulty remembering complex combinations.
Not to mention some people just don’t come up with very complex passwords. A Passkey is a short user ID alternative for a particular online account. This is a one-time process and once done, users need not have to set up multiple passwords for different accounts. Google has made Passkeys feature default on Android device
Whenever a user visits a website, the medium, be it a phone or a desktop, already knows who the person is and it will authenticate the User ID and password. And, user can just log in to the account via the device's security system such as fingerprint sensor/FaceID on phones or Windows Hello on PCs. If the device does not have any of those biometric security features, he/she just has to remember the screen pattern or the PIN code of the device's lock screen
Most common passwords: The world’s most common online password is 123456, according to online password management company NordPass. NordPass also calls 123456 the worst password, because as well as being used over 4.5 million times, it takes less than a second for hackers to crack – like the rest of the most popular online passwords.
- 123456
- 123456789
- password
- 12345
- 12345678
- 111111
- 1234567890
- admin
- 123
- ********
- Admin123
- 000000
- abc123
- password1
- guest
India ranks among the top five most breached countries in 2023 According to Surfshark's research: India ranked 5th in the list of most breached countries with 5.3 million leaked accounts in 2023. Globally, a total of 299.8 million accounts were breached, with the U.S. ranking first and amounting to 32 per cent of all breaches from January through December.
The breach rate in India was 56 per cent lower in 2023 than it was in 2022. India was earlier ranked 7th in the list, in 2022, with 12.3 million accounts breached. The U.S. jumped to 1st place after trifold yearly growth with almost 100 million breached online accounts in 2023. Russia took the second place, while France ranked third, followed by Spain and India.
Twitter, LinkedIn and other platforms face massive data breach: In a staggering revelation, cybersecurity researchers have uncovered what is being referred to as the 'Mother of all Breaches,' with over 26 billion personal records exposed. This data leak, likely the largest ever recorded, has affected numerous platforms, including Twitter, LinkedIn, and Dropbox. Among the compromised records were 1.5 billion from Tencent's QQ, 504 million from Weibo, 360 million from MySpace, 281 million from Twitter, 251 million from LinkedIn, and 220 million from AdultFriendFinder. Notably, the leak also encompasses records from various government organisations across the United States, Brazil, Germany, the Philippines, Turkey, and others.
Some tips to make your digital life more secure.
- Never reveal your passwords to others.
- Use different passwords for different accounts.
- Make passwords that are hard to guess but easy to remember.
- Use multi-factor authentication (MFA)
- Use a password manager.
In a Cyber world, secure passwords are important. Other than keeping your information offline, long, unique and complex passwords protect your valuable information best. Another tactic is changing your passwords every few months or any time you think your accounts have been compromised.
It’s a good idea for you to not only check your passwords on this day but also to check them regularly to ensure that your digital life is as secure as possible.
