Weak passwords are a huge threat vector and one of the big points to attack and can lead to data breaches, phishing scams, and ransomware attacks.
The
invention of passwords in the 1960s changed the digital world as we know it.
Passwords are now an unconscious standard practice in our lives; from your
first pet to the street you grew up on, they are deeply ingrained in our minds.
Passwords today are the primary guardians of our privacy, personal data, and
finances.
Despite this knowledge, passwords are often viewed complacently, even though simple, easy-to-guess passwords are insecure. Your dog’s name, spouse’s name, birthdate, and other words and phrases related to your life that are easily discoverable on your social media profiles are easy for attackers to discover.
While
the onus of ensuring security and protecting data does lie on the companies
that collect and store this data, there is quite a bit consumers can do on
their end to secure their credentials. World Password Day 2023 is driven by the
purpose of raising awareness about the importance of strong passwords and encouraging
individuals and organizations to take steps to improve their password security.
With the increasing prevalence of cyberattacks and data breaches, it is more
important than ever to use strong and unique passwords to protect our online
accounts and personal information.
Based
on research, 91% of
people know that using the same password on multiple accounts is a security
risk, yet 66% continue to use the same password anyway. Steven Scheurmann, Regional Vice President for ASEAN at Palo Alto
Networks, provides simple but effective measures to make passwords the
primary guardian of your personal and professional
● Set
guidelines for passwords that prevent password spraying: Ensure long passwords with a good mix of
different character types—letters, numbers, and special characters. An
8-character password is easier to guess by a computer than a 16- or
24-character password.
● Avoid
vulnerable passwords that are easily guessed or already compromised. If you go and Google ‘commonly used
passwords," you’ll see a list that any attacker uses when trying to guess
passwords. If there is a default password on an internet-facing device or even
internally. Change it ASAP!
● Avoid
reusing passwords: Everyone
hates remembering passwords; some great options are using the passphrase
options. We can use it to create unique passwords that are easy to remember. Be
wary of password managers; several have been hit recently, and some of them multiple
times. But they can also be an option.
● Require
password updates at set frequencies: This is a pain, but consider it the standard operating procedure for
business risk reduction. It doesn’t take that long to do and helps secure the
organization if a set of credentials is stolen or phished somehow.
● Use
multi-factor authentication methods:
If a password is stolen or guessed, no matter how hard you’ve tried to be
unique, having other methods to confirm it is you trying to get to a resource
or a web service you use is vital. Many different cloud, security, and
operating system vendors have a multi-factor authentication app that you can
install on your phone to link to almost every website that supports it.
By taking these steps, individuals and organizations can help improve their password security and protect their online accounts and personal information. Learn more about how to create a stronger cybersecurity posture with an intelligent, automated, artificial intelligence (AI)-driven security operations center by checking out Palo Alto Networks’ World Password Day webinar.
About Palo Alto Networks
Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyber threats so that organizations can confidently embrace technology. We provide next-gen cybersecurity to thousands of customers globally across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice.
At Palo Alto Networks, we’re committed to bringing together the very best people in service of our mission, so we’re also proud to be the cybersecurity workplace of choice, recognized among Newsweek’s Most Loved Workplaces (2021), Comparably Best Companies for Diversity (2021), and HRC's Best Places for LGBTQ Equality (2022). For more information, visit www.paloaltonetworks.com.
Like this post? Subscribe to Manila Life by Email