Make your World Password Day May 4th Memorable with these tips

Passwords aren’t very exciting. Like keys, they’re a necessary component of our everyday lives. You have to have them, otherwise trouble quickly arises. 

Although the first digital passwords began appearing in the early 1960s, the phenomena is actually much older. Greek historian Polybius was fond of both passcodes and ciphers. Thus, passwords are not a new technology, in other words, just a solution tweaked over the centuries to help ensure only authorized individuals access specific resources. 

Without passwords, restricting access to your files, photos, videos, applications, networks and other information would prove difficult. So, too, would protecting your banking and financial information become a greater challenge. 

Passcodes, and accompanying multifactor authentication—whether performed using codes produced by authenticator apps, text messages or security tokens—make it exponentially more difficult for unauthorized parties to access your data. That is, unless the passwords you use are repeated across multiple accounts, appear in the dictionary (in any language) or are easily guessed. 

Do not make the mistake of believing you are an unappealing target. The robotic programs relentlessly scouring the Internet and attacking your accounts do not discriminate. Malicious actors have also begun using advanced artificial intelligence (AI)- and machine learning (ML)-powered technologies to hack and crack your accounts’ credentials. 

In fact, it’s estimated by some that an eight-character password consisting of only numbers can be hacked instantly. Add upper- and lowercase letters and special characters and criminals can still hack your password in as little as five minutes, predicts Hive Systems, whose 2023 password-cracking chart appears below. 

The table makes it clear. Passwords must consist of longer strings and use a mix of upper- and lowercase letters, numbers and special characters to prove effective. 

Consider using mnemonics, which involves developing an entire sentence you can remember but abbreviating and combining words and adding special characters and numerals, to craft much longer, mixed-character password strings. At least two studies—one conducted by Purdue University researchers and another by University of British Columbia scientists—demonstrate the practice, applied properly, can improve cybersecurity. 

You will be best served following best practices when creating passwords. Avoid using easily defeated passcodes consisting of only numerals or letters. Do not use anniversaries, special dates, holidays, sports teams or variations of the word P@$$w0rd to secure your accounts. 

The US National Cybersecurity and Communications Integration Center (NCCIC) and Cybersecurity & Infrastructure Security Agency (CISA) recommend all those steps, including using the longest length password string a platform supports. The agencies also remind users of the importance of protecting passwords. Do not write them down or leave passwords where others can view or obtain them. Neither should you share passwords with others. 

And change your passwords often. Like every month. 

We know. The practice is disruptive. But having to battle identity theft, combat a ransomware infection, repair a system or otherwise recover from a cybersecurity breach is a much more invasive and costly experience. 

In keeping with the World Password Day holiday inspired by cybersecurity professional Mark Burnett, author of the classic 2005 Syngress tomb Perfect Passwords, begin by changing important passwords on May 4th. There’s no need to wait for Cinco de Mayo (the day after). Do it now, then set automated reminders to remember to repeat the process in 30 days. 

The sooner you adopt best practice recommendations, update passwords and replace lesser passcodes with longer and more complex counterparts, the sooner you can rest assured you have taken at least the fundamental best practice steps necessary to safeguard your systems and information. Plus, you’ll make Burnett and the cybersecurity and IT professionals in your life proud.