What Can You Do to Mark World Password Day?
Nathan Gatt, Head of BNF Information Security & IT Governance Department at BNF Bank p.l.c.
What Can You Do to Mark World Password Day?
You might not have marked it on your calendar, but today is World Password Day, a global initiative to raise awareness and promote better password practices among Internet users. Passwords are the key to our online accounts, and if they are weak or compromised, we risk losing access to our personal and professional data, or worse, exposing them to hackers and cybercriminals.
So, how can you celebrate World Password Day and improve your password security? Here are some tips that you can follow right away:
Use strong and unique passwords for each of your online accounts. A strong password should be at least 12 characters long, include a mix of uppercase and lowercase letters, numbers, and symbols, and avoid common words or phrases. A unique password means that you don't reuse the same password for different accounts or websites, as this can make it easier for attackers to break into multiple accounts with one breach.
Use a password manager to store and generate your passwords. A password manager is a software tool that securely stores your passwords in an encrypted vault and allows you to access them with a master password or biometric authentication. Some password managers can also generate random and complex passwords for you, so you don't have to worry about creating and remembering them yourself. Some password managers can also alert you if any of your passwords have been exposed in a data breach or are too weak or old.
Enable two-factor authentication (2FA) wherever possible. 2FA is an extra layer of security that requires you to enter a code or use a device in addition to your password when logging into an account. This way, even if someone steals your password, they won't be able to access your account without the second factor. Many online services offer 2FA options, such as SMS codes, email codes, authenticator apps, or hardware tokens. You should enable 2FA for your most important accounts, such as your email, banking, social media, and cloud storage accounts.
Change your password immediately if you suspect compromise. Even if you have a strong password, should you suspect that it has been compromised, change it immediately. If you are using that same password for other online services as well, make sure to change it on the other online services as well.
Don’t share your password with anyone. You should also never share your password with anyone, even if they claim to be from a legitimate company or organisation. No reputable service will ever ask you for your password via email, phone, or any other channel.
Beware of phishing attempts: Be cautious of phishing emails or websites that attempt to trick you into divulging your login credentials. Always verify the authenticity of the sender or website before entering sensitive information. Look for signs of phishing, such as spelling or grammar errors, mismatched domain names, or urgent or threatening messages. If you receive a suspicious email or link, don't click on it or open any attachments.
World Password Day serves as a reminder of the importance of maintaining strong password security practices in our digital lives. By following these best practices, staying vigilant against cyber threats, and adopting secure technologies, we can better protect our digital identities and safeguard sensitive information from falling into the wrong hands. Remember, a strong password today can help prevent a cybersecurity disaster tomorrow.