Passwords have become an expected and ubiquitous part of our online life as we become more data-driven. It is typical in today's digital world to require a password for everything, from accessing your smartphone to signing into your remote workspace to checking your bank statements. We all have been conditioned to entering passwords countless times every day, and as a result, we frequently overlook their significance.
Taking this into consideration, what precautions can you take to ensure that your personal information is always protected? Given that we live in a data-driven, security-conscious world, here are some tips and professional opinions from industry leaders for World Password Day in the aim of helping you better your password game.
Sandeep Jain, Senior Director of Software Engineering, Forcepoint India
“Though biometrics have become increasingly common for identifying ourselves on our devices, the password’s popularity continues as the primary way digital platforms and devices are secured. Passwords have persisted, despite their flaws, because they strike a level of compromise between security and convenience that works for the vast majority. This is boosted by the use of additional security like multi-factor authentication, where additional verification is needed on a second device. It makes it so simply stealing a user’s password isn’t enough to get access.
At an enterprise level, meanwhile, network philosophies like Zero Trust, which work from the principle of ‘never trust, always verify’ across the entirety of an organization’s network, also reduces the likelihood of cybercriminals successfully breaching an organization. In the age of cloud cybersecurity, this can be implemented in a device-agnostic way, wherever employees might be physically working and connecting from.
World Password Day is an annual reminder to everyone of the importance of practicing digital hygiene, and the role we can all play in keeping both our professional and personal lives secure by practicing secure password behaviors. For example, using an encrypted password manager to generate, save and autofill everyday passwords on websites, so that a threat actor can’t use one password to get into all of a user’s accounts. Staying cautious and practicing critical thinking when it comes to clicking links and sharing sensitive information like user credentials will also reduce the risks of phishing attacks, which are a common way of stealing details. IT leaders should also implement policies that mandate regular password changing, and set criteria to enforce strong passwords.
In an era of hybrid working and a dissolved perimeter between an organization and its wider environment, employees have never been more of a first line of cybersecurity defense for the organization they work for, than they are right now. Let’s use World Password Day as an opportunity to audit the cybersecurity posture of our organizations and make improvements.”
Sriram, Co-Founder, iValue InfoSolutions
“In early 2000, this was more of an enterprise challenge since individual users had just personal email accounts to manage in terms of password management. Passwords have been one of the weakest links for decades now. With most businesses on digital mode, it is impractical for citizens to keep a track of their complex passwords across banks, shopping, travel and entertainment sites. Tools like password manager have not been popular across the masses. Multi-factor authentication is still limited to enterprises and is not being leveraged at SMB/SMEs and Citizens. With the Government using Digital means for most of its Citizen service deliveries covering rural and non-technology aware populations, it's time to leverage user-friendly options like thumb, retina and facial recognition options for authentication which should be feasible with 5G rollout and wide broadband coverage.”
Satish Kumar V, CEO, EverestIMS Technologies
“With millions of workers around the world having remote access to their company's data, security and safekeeping of this data has become paramount. Most successful breaches occur when a password stolen from a platform is leveraged against another system that shares exactly the same password. Weak passwords can often be the chink in a company’s armour. Having a password generation software at hand is a good idea from the personal side. And for enterprises, continuous evaluation of passwords with multi factor authentication and usage of tools that inhibit wanton access can minimize breaches.”
Vikas Bhonsle, CEO, Crayon Software Experts India
“Poor password behavior is a principal contributor to data breaches. A 2021 survey report says that 80% of breaches have its roots in weak passwords and stolen credentials. This highlights how crucial secure password management is. For enterprises, the best way to cultivate a highly secure workforce is to provide regular training on cyber security and hygiene issues using engaging and accessible resources. Employees need to be ensured that they understand the importance of password security and the risks of weak passwords to a business. Strong messaging must reach employees through internal communication mechanisms on being mindful while creating and managing passwords. Digital products must integrate reminders in their UX design that encourages users to change their passwords often.
Companies should also implement access management solutions to manage and monitor user access permissions and access rights to files, systems, and services. This eliminates the inherent vulnerabilities that come with sole dependencies on passwords while increasing levels of assurance and convenience. Passwords are here to stay for some time. Hence, it is important that healthy-password behavior is inculcated into the workplace DNA.”
Nat Natraj, Co-founder & CEO, AccuKnox
“Intel originally recognized World Password Day in 2013 to serve as a reminder of the importance of good password hygiene, and many of us still need a reminder 9 years later. However, the fact of the matter is, passwords are an absolute security nightmare. Creating and managing them is annoying, so people often reuse them or choose easily guessable logins—or both. Hackers are more than happy to take advantage. Today, I would like to take this opportunity to remind everyone, both businesses, and individuals, that our security is only as strong as our weakest link, which is, nine times out of ten, humans. Breaches and cyberattacks will continue indefinitely, and we won't be able to prevent them entirely, but refocusing on human-centric security, such as password habits, can help us get closer to a safe digitally connected society.”
Rajesh K. Parthasarathy, Founder, President, CEO, Mage
“Passwords are still a serious security flaw on the internet. The majority of the issues arise from password reuse, passwords that aren't strong or otherwise easy to guess, or other security flaws in general. Employing multi-factor authentication for sites that contain sensitive data, such as email, social media, financial websites, or other high-value sites, can help dissuade attackers if a password is compromised or repeated. Multi-factor authentication (MFA), which requires a password plus one or more additional credentials, is a good way to prevent unauthorized account access, but going passwordless is so much better. Passwords are, without a doubt, at the root of the data leak issue. According to the Verizon Data Breach Investigations Report, compromised and weak credentials were used in 80% of hacking-related breaches, and stolen credentials were used in 29% of all breaches, regardless of the attack type. Given this, businesses must urge employees to improve their password habits in order to improve the organization's overall security.”
Punit Thakkar, CEO & MD, Shivaami
“Setting up a strong password is one of the most secure ways to protect yourself from data leaks and security breaches. Most people set the bar too low, making it easy for hackers to gain access to users' accounts. Passwords are such an important part of our digital identities, it is critical that we create strong passwords and keep them safe. It is also recommended that users should never reuse passwords for different accounts as hackers with access to one password can gain access to thousands of them, potentially resulting in a large data breach.”