In honor of World Password Day, two cybersecurity experts offer insight and tips on why and how a strong password is the single best defense against cybercrime.
Many people still consider it a nuisance to use several complicated passwords (a different one for every site or service); however, it is a truth universally acknowledged that a person in possession of an easy-to-remember password is making it easy for somebody else to guess that password. Even worse, if that same password is being used on multiple accounts, everything can unlock all at once.
Cybersecurity experts contributed to this year's final Cybersecurity Moonshot report, developed by the President's National Security Telecommunications Advisory Committee (NSTAC), which aims to improve cybersecurity within ten years to achieve the "fundamental goal of making the Internet safe and secure," according to an earlier draft.
"Password resets continue to cost companies millions, frustrate users, and enable adversaries, which is why finding better forms of online identification is one of the focus recommendations of the White House's Cyber Moonshot report just delivered to the President," Tom Patterson, Chief Trust Officer at Unisys, said.
Patterson added that passwords are not only a high concern for users, especially related to financial sites like online banking, but a password can also be a weak link to security growth and personal privacy.
"Think PassPHRASE instead and you'll have much stronger security that's even easier to remember," Patterson said.
Patterson recommended opting for a phrase instead of a simple word, avoiding using the same password in more than one important place, and changing passwords every few months.
Peter Galvin, Chief Security Officer at nCipher, added that while passwords are the norm for now, users and companies should expect bad actors to continue trying to compromise this security link.
"For organizations, this means having a centralized security policy and effective encryption key management to assure control of data across every physical and virtual server on and off your premises," Galvin said.
Security Management also features articles on both how to create stronger passwords and the dangers in maintaining a weak password, which can sometimes take years to discover or announce. And in an age where it is normal for a significant percentage of a company's workforce to operate remotely, there are still ways to ensure that the employee, the company, and their clients remain protected.