Passwords…we all have them…lots of them!! So many different logins these days and everyone can’t be the same. Why not? Because if one gets compromised, then they all get compromised. Amazingly enough, in 2021, the most used password was 123456.1 This should tell you that many people don’t give their passwords much thought.

But does it really matter any longer? With Multi-Factor Authentication becoming a regular component of extended protection of one's user account access, are passwords still important? 

YES. No matter how you look at it, a strong password can make things more difficult for an attacker to gain an initial piece of information that could give them access to something valuable of yours. Because so many people use one password for everything, this means if I get your password, I am going to try it against every login I can think of. This includes the banks and email clients. 

With this context, consider the following tips on Password Security.

  1. Change your passwords and ensure they are at least 12-14 characters long, including capital letters, lowercase letters, numbers, and symbols, and don't use something familiar like a dog's name, etc.
  2. Use random phrases or short sentences with the combination above. This makes a password almost unbreakable within a realistic amount of time. OK, I know someone is going to say something about Quantum computing here, so let’s agree that that is a ways off from being readily available to most of the “mainstream” threat actors.
  3. Because of complex or completely randomized passwords, you might want to consider a password keeper. Those can be hacked, so use them with caution.
  4. You could write your passwords down in a notebook and keep them in a safe. This isn’t really practical in the “on-the-go” lifestyle we have these days.
  5. Use common sense when using passwords. Don’t share with people. Zero trust!!!
  6. Don’t be social engineered! Be safe around emails with links to credential logins. Be sure the links are legitimate. 

With all of this being said, there are many different ways that passwords can be compromised and no 100% way of protecting your passwords. However, if you use a little common sense, you limit potential damage by following these basic tips.

Watch our Day in the Life of a Cybersecurity Episodes>

Richard Chapman, CyberNow Labs Program Director