Expert commentary - World Password Day
May 2021 by Experts
With World Password Day coming up tomorrow, experts provide commentary.
Sanjiv Cherian, Head of Business Development – Cyber Security at A&O IT Group
“World Password Day was first recognised by Intel in 2013 to serve as a reminder of the significance of good password hygiene, yet eight years later many of us still need reminding.
Cyber security is a huge, ever-growing industry with preventative solutions ranging from pen testing and red teaming to endpoint security and SASE. However, we still see volumes of cyber-attacks or data breaches occurring every week; surprisingly, these are not due to the failing of the plethora of impressive solutions in the market, but rather down to us continuing to forget the basics. Stolen credentials on the Dark Web are sold for pennies, resulting in account takeover and data leaks. Since people use the same passwords on multiple accounts, it works as a treat for hackers to gain access to their systems.
Today I want to take the opportunity to remind all organisations and individuals that our security is only as strong as our weakest link, and nine times out of ten, that weakest link is people. Breaches and cyber-attacks will continue to happen, and we won’t be able to stop all of them, but putting some emphasis back on human-centric security such as password habits will get us some of the way there.”
Ed Williams, Director of Trustwave SpiderLabs for EMEA at Trustwave
“We use passwords for one reason and one reason only, to protect ourselves, our data and our information. So why are we still so bad at them? With the sheer number of services we all use daily, I definitely think there is a tendency to be lazy when it comes to passwords. And our own previous research would support that, highlighting words such as P@ssword1 as the most commonly used password, as well as finding people neglecting the use of special characters or using the exact same password for every account they have.
Despite passwords being so simple, there’s still a lot of education to be done. For example, did you know that a password made up of eight characters takes an average of one day to crack, whereas one with 10 characters would take an average of 591 days? That’s just two more taps of the keyboard and you’ve enhanced your security by 591%. As humans, we struggle with randomness and all too often use guessable patterns when creating passwords, be it a base word, a year appended to the end, or character substitution, e.g. ‘Dr@gon2021’.
Passwords may not seem like much compared with other impressive security solutions or tools, but a well thought out password really could make the difference between your data, and that of your organisation, being vulnerable or secure. Why not use today as a reminder to check your password security and make the life of a hacker more difficult.”