-
Home
-
Knowledge Base
-
David J Steele
- The Future of Passwords
Knowledge Base
The Future of Passwords
Passwords may become less common as governments and organizations explore alternative authentication methods. For example, many companies are exploring using two-factor authentication through a physical device such as a token, badge, or an app on a user's smartphone. This provides an additional layer of security and makes it much harder for someone to gain unauthorized access to an account. In addition, biometric-based authentication is becoming more popular, allowing users to unlock their devices by providing fingerprint or facial recognition scans.
 |
Another possibility is the widespread adoption of blockchain technology, which can provide secure digital identities for users and allow them to easily access their accounts without needing a password. Additionally, major players in the tech industry have started exploring new methods of authentication based on artificial intelligence (AI). For example, Google has developed an AI system called “Trust API,” which authenticates user actions with AI-powered image recognition techniques.
Ultimately, while passwords may still be used for specific logins, their use may decline over time as more secure and convenient alternatives become available. But with all that said, we still need to manage passwords.
Don’t Use Common Passwords or the Same Passwords for Your Accounts
The most common passwords are still easily guessed, such as 'password', '123456', 'iloveyou', 'abc123', '111111', 'letmein', and 'qwerty'. These passwords are made up of commonly used words, numbers, or combinations of letters that lack complexity. Furthermore, some users choose simple passwords for their personal information, such as birthdates and names. Such passwords are easily guessed by someone with basic knowledge of the user's background.
Using the same password for all your accounts poses an enormous security risk. If one account becomes compromised, then malicious actors can use that same password to gain access to your other accounts. Therefore, it is important to create unique passwords for each of your online accounts—this way, even if one account is hacked, the rest of your accounts will remain secure.
It is important to choose passwords with a combination of numbers, symbols, and upper- and lower-case letters. This adds another layer of complexity, making it much more difficult for someone to guess or crack your password.
Don’t Use Default Passwords
Additionally, many users continue to use default passwords supplied by their device manufacturer or internet service provider. As these passwords are widely known and easy to guess, they offer little protection against hackers. Therefore, users must ensure that they create strong passwords with a combination of upper- and lowercase letters, numbers, and special characters to maximize security. Password managers can also generate secure yet complex passwords, which can help reduce the risk of account breaches.
Create Unique Passwords
To make passwords more secure and resistant to brute-forcing attacks, users should create unique passwords for each account. A strong password should contain at least eight characters with a combination of uppercase and lowercase letters, numbers, and special symbols. In addition, users should never share their passwords with anyone or write them down in an easily accessible location.
Using a password manager to generate and store strong passwords for each account is also recommended. Generally speaking, the longer a password is combined with these characters, the harder it is to guess.
Furthermore, organizations can enforce additional policies to strengthen their security measures further. For example, they can require their employees to change their passwords every few months or whenever there is suspicion of unauthorized access. They can also implement multi-factor authentication (MFA), which requires users to provide a username and password and some additional verification, such as a code sent via SMS or an app on their mobile device. Furthermore, organizations can limit how many attempts can be made before the account is locked out for a certain period.
Tools and Suggestions
Password managers are great solutions for securely storing complex passwords generated by the system. At the same time, multi-factor authentication (MFA) provides an additional layer of security verification, such as a code sent via SMS or an app on the user's mobile device.
It's good for organizations to set limits on how many attempts can be made before the account is locked out for a certain period to strengthen their security measures further.
Overall, it is essential to use strong passwords that are unique and hard to guess to maximize the security and privacy of user accounts. Organizations should ensure that their staff is aware of best practices regarding password management and provide resources such as tutorials, articles, and tools to help them create secure yet memorable passwords. Here are a few basic rules to follow:
- Passwords should be at least eight or longer, with ten characters being the recommended minimum.
- Utilizing multiple words or phrases with personal significance can also help make a password much more secure.
- Consider using special characters whenever possible.
- It is essential to use only some of these passwords across multiple accounts. Each password should be unique and memorable for each account.
- Never use passwords that can be found in a dictionary.
- Never use passwords like 'password', '123456', 'iloveyou', 'abc123', '111111', and 'letmein' and 'qwerty'.
- Don't share personal passwords with business accounts.
- Don’t use shared passwords or share your password with other staff members.
- Consider changing your business passwords every six months and personal passwords yearly.
- Consider using a password manager to help manage and secure passwords.
- Set up MFA whenever possible.
Should I use a password manager or Google? If you don't have a password manager, Google Password Manager is a good idea. You want to ensure you have a strong password and MFA on your Google account. Alternatively, consider a dedicated password manager from the list below:
- Bitwarden is an open-source password manager that stores your credentials in an encrypted vault protected by a master password or 2FA token. It lets you quickly generate strong random passwords for all your accounts while keeping track of them from one place using its web vault or mobile app.
- LastPass is a cross-platform password manager that can generate unique passwords for each account while securely storing them in an encrypted vault protected by a master password. It includes features such as two-factor authentication, automatic form filling, and secure sharing of passwords with others through its family folder feature.
- 1Password creates unique passwords for every account and stores them securely in an encrypted vault. It supports two-factor authentication so that users can sign in with their fingerprint or Face ID. Additionally, it offers a travel mode that lets users hide their sensitive data when crossing borders.
- Keeper is a cloud-based security platform that provides secure password management and a wide range of other features, such as filesharing, digital wallets, and secure file storage. It uses end-to-end encryption to store users’ data in an encrypted vault. Also, it includes zero-knowledge architecture, which ensures that only the user can access their data.
- Dashlane is a comprehensive password manager that can generate unique passwords for each account and store them securely in an encrypted vault. It can also auto-fill web forms with your personal information to easily access online accounts. Furthermore, it includes two-factor authentication to protect your accounts with an extra layer of security.
Another suggestion to help remember popular common passwords like Wi-Fi is to use a phrase. Come up with a word you can remember but shift your keyboard entry.
Example: LifeIsBetterWithWine
Password: P9t4(eH46645#96#9j4
*The phrase is shifted up one row and to the right.
By taking these measures and ideas and following best practices regarding solid password management, organizations and individuals can significantly reduce the risk of unauthorized access to their systems, accounts, and data. For more information on security services from Intrada, give us a call.
Cybersecurity Awareness Poster
 |
Click here for a cybersecurity awareness training poster that Intrada Technologies clients may print and post to meet cybersecurity insurance requirements. |
About the author
Contact Us
|
Contact Information: |
Hours of Operation: |
OUR FOCUS
Intrada Technologies is a full-service web development and network management company with a focus on creating ongoing, trusted partnerships with each of our clients.
We make sure our clients have what they require to run their businesses with maximum efficiency and reliability, as many of their needs are mission-critical.
Our unique, collaborative partnerships allow us to provide our clients with the assurance that we will be there when they need us.