World Password Day is an excellent opportunity to get expert tips and insights on choosing and using strong passwords. Here are some of our top picks from the iFeeltech team:
Everyone agreed that passwords need to be supplemented with MFA (Multi-Factor Authentication) or at least 2FA (Two-Factor Authentication).
Data breaches are still mainly caused by stolen, cracked passwords. Of course, there are other types of attacks – from malicious software to social engineering – but this shows that passwords play a central role in anyone’s security posture.
It is alarming that so many people still use their child’s name or birth date as a password; most people are still not using unique, strong passwords.
Password Security 101
Users must employ strong passwords at home and work, supplemented by MFA or 2FA. Using a password manager or password vault is also recommended.
There are a few things users can do to make sure they have a strong password:
- Create unique, strong passwords. Be original and creative. The key is to have a password at least eight characters long, consisting of letters and numbers, and special symbols.
- For enhanced security, always use multi-factor (MFA) or two-factor (2FA) authentication.
- For optimal security, always use a unique password for each online account.
- As a best practice, passwords should be changed regularly to reduce the risk of account compromise. In addition, users should avoid reusing old passwords.
- Avoid using public Wi-Fi networks. If you connect to one, do not access sites requiring a password for login. Public Wi-Fi networks can be insecure, so avoid sensitive activities like online banking.
- Ensure that your browser is up to date. Outdated browsers may have security vulnerabilities, so it’s best to update as soon as it’s available.
- Use a password manager to help you store sensitive data in an encrypted container and manage multiple passwords.
The biggest challenge with passwords is how inconvenient they are to manage. So many people naturally opt for convenience over security. Thinking of a unique, secure password for each website and app you use is incredibly difficult and unlikely to stick in your head.
Rather than grapple with that inevitable crack of getting your password wrong or having to reset it, security experts universally recommend using a password manager to create, remember, and protect your passwords.
Life after Passwords
Despite warnings and increasing cyber-attacks, many people still do not understand how important it is to use a difficult-to-guess password for their user accounts. However, hopefully soon, we won’t have to worry about this anymore – with a new solution, we can log in to our various accounts without using passwords.
Apple, Google, and Microsoft have all announced their support for the login method developed by the FIDO Alliance and W3C, which will allow users to authenticate without using a password – simply using a solution that is also used to unlock their phones. This method is much more secure than previous solutions, even when using SMS-based two-factor authentication.
You’ll be able to use your FIDO-recognized data from your devices or phone to open a notification and confirm your identity with fingerprint or facial recognition.
The platform will be completely independent; it won’t matter which tools or browsers you prefer. Later this year, the new authentication method could become available on iOS, macOS, Safari, Chrome, Windows, and the Edge browser.