
Celebrating World Password Day: Best Practices for Secure Accounts

Strong password practices are important every day of the year. World Password Day is a chance to improve how we protect our digital lives.

While May 4th has long been an unofficial day of celebration for Star Wars fans, today holds another layer of significance for IT and cybersecurity professionals, as well as lovers of secure accounts everywhere: World Password Day.

Inaugurated by Intel in 2013 and held on the first Thursday of May, World Password Day intends to raise awareness about password security best practices. Given the rise of cybercrime, strong password habits have become indispensable in one’s digital life.

At ITPro Today, we’re celebrating World Password Day by rounding up best practices for password security, as well as some of our best stories.

Password Security Best Practices

Here are six tips for password security that you should know by heart.

  • First and foremost, make sure you always use strong passwords. That means no tributes to your favorite pet or sports team. In fact, steer clear of using any personal information that can be easily guessed. The National Institute of Standards and Technology recommends passwords be at least eight characters in length and avoid sequential numbers (“1234”) or repeated characters (“aaaa”).
  • You should change passwords regularly. Just as it’s harder to hit a moving target, changing your passwords makes your accounts that much more difficult to break into. This practice can also neutralize the dangers that come from having your passwords exposed in a leak.
  • You should use a unique password for each account. If you’re using the same credentials for your email, streaming services, and bank accounts, start using new and distinct passwords for each. Doing so minimizes the risk that compromised security on one account will affect the others.
  • Remembering unique passwords can be difficult, but it can be dangerous to store them someplace insecure (e.g., a document named “Passwords.doc” on your desktop). As such, you should use a reliable password manager. Examples of password managers include LastPass, Dashlane, NordPass, Keeper, and RoboForm. These password managers encrypt passwords before they leave your device and are exceedingly difficult (though not impossible) to breach. 
  • Another wise practice is to turn on two-factor authentication. Remember the old saying, "Two heads are better than one"? So it goes with added degrees of authentication. There’s no way to ensure 100% password safety, but requiring multiple authorizations goes a long way.
  • Finally, cybercriminals know one of the easiest ways to steal passwords is through phishing emails and social engineering efforts. You should learn to recognize these types of threats. Never provide your password unless you are completely confident that doing so is safe.
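
The checks from the first tip can be automated at signup or password change. The Python sketch below is an added example, not part of the original article; the run length of four (matching “1234” and “aaaa”), the `personal_terms` parameter, and the sample passwords are assumptions made for illustration.

```python
import re

MIN_LENGTH = 8   # minimum length the article attributes to NIST
RUN_LENGTH = 4   # assumption: flag runs as long as the article's "1234" / "aaaa"


def has_repeated_run(password, run=RUN_LENGTH):
    """True if one character repeats `run` or more times in a row ('aaaa')."""
    return re.search(r"(.)\1{%d,}" % (run - 1), password) is not None


def has_sequential_digits(password, run=RUN_LENGTH):
    """True if `run` adjacent digits count up or down by one ('1234', '9876')."""
    for i in range(len(password) - run + 1):
        chunk = password[i:i + run]
        if not (chunk.isascii() and chunk.isdigit()):
            continue
        steps = {int(b) - int(a) for a, b in zip(chunk, chunk[1:])}
        if steps == {1} or steps == {-1}:
            return True
    return False


def personal_terms_found(password, personal_terms):
    """Return the personal terms (pet, team, name) that appear in the password."""
    lowered = password.lower()
    # Terms shorter than three characters are skipped to avoid noisy matches.
    return [t for t in personal_terms if len(t) >= 3 and t.lower() in lowered]


def check_password(password, personal_terms=()):
    """Return a list of rule violations; an empty list means every check passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if has_sequential_digits(password):
        problems.append("sequential_digits")
    if has_repeated_run(password):
        problems.append("repeated_characters")
    if personal_terms_found(password, personal_terms):
        problems.append("personal_information")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords; "Rex" stands in for a pet's name.
    for candidate in ["Rex1234", "aaaabbbbcccc", "correct-horse-battery"]:
        print(candidate, check_password(candidate, personal_terms=["Rex"]))
```

Passing these checks only means a password avoids the patterns named in the tip; it says nothing about whether the password is unique or has already appeared in a leak.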

Top Stories About Password Security

We’ll finish off our celebration of World Password Day with a roundup of articles about password security. These stories examine the best ways to protect organizations against current cybersecurity threats. 

The 3 Most Common Password Attacks – and What to Do about Them
Passwords are under constant threat. In this article, tech expert Brien Posey explains three conventional forms of password attacks. These include the use of scripts designed to crack password combinations (i.e., brute force attacks) and the use of stolen credentials from one database to access other accounts (i.e., credential stuffing attacks). 

Infostealer Malware Fuels the Cybercriminal Underground
ITPro Today contributor Alyse Burnside recently reported on SpyCloud’s annual assessment of credential exposure trends, which found infostealer malware to be a growing cause of data breaches. Poor password hygiene, such as using celebrity names and pop culture references in passwords, was also cited as a leading risk for credential exposure. 

How Password Salting Can Improve Your Security
This article describes password salting, a method that improves upon password hashing (algorithmic translation of passwords into hashes) by ensuring passwords have no direct connection to their hash. Learn how password salting works and how to implement it as part of your security practices.

Passwordless Authentication Is Ready for Its Close-up
Technology writer Karen D. Schwartz takes an in-depth look at the popularity of passwordless authentication, highlighting a future that is free from the vulnerabilities facing passwords today. In this feature, Schwartz discusses the virtues and potential pitfalls of passwordless authentication. 

May you be confident in your passwords and, of course, may the fourth be with you. 
