Virtualization Technology News and Information
Change Your Password Day 2024: Review Your Current Passwords


In today's digital age, passwords play a crucial role in securing our personal and sensitive information online. That's why it's important to change your password regularly, especially on special days such as Change Your Password Day. This day is a reminder for all of us to take our online security seriously and update our passwords.

Having a strong password is essential for protecting your online accounts from hackers and cybercriminals. Unfortunately, many people still use weak passwords that are easily guessable. Common passwords include "123456", "password", or even the user's name. These types of passwords can be easily cracked by hackers, putting your sensitive information at risk.

To stay protected, it's recommended that you use a unique and complex password. This means using a combination of uppercase and lowercase letters, numbers, and symbols. You should also avoid using easily guessable information such as your name, date of birth, or pet's name.

Change Your Password Day is an important reminder for us to take our online security seriously. It's an opportunity to review our current passwords and make sure that they are strong, unique, and changed regularly. By doing so, we can help protect ourselves and our sensitive information from cybercrime. So, make sure to celebrate this day by changing your password and keeping your online accounts secure.

Here's what the experts have to say:

--

DARREN GUCCIONE, CEO AND CO-FOUNDER, KEEPER SECURITY
 
Weak and compromised credentials are the most common way that accounts are hacked. While no one likes updating their passwords, Change Your Password Day is a great time to recognize and enforce this critical best practice. Account protection begins with a secure password that is not easily guessed and has not been used for any other accounts. It's recommended to use a password of at least 16 characters, with a variety of numbers, uppercase and lowercase letters and symbols. Multi-factor authentication (MFA) should be enabled whenever possible. Adopting a trusted password manager helps secure passwords, and eliminates the headaches that come with updating and remembering them. At the end of the day, generating strong, random passwords for each account and storing them in an encrypted vault is the simplest, most secure and effective method to manage the plethora of passwords that we all have to contend with.

++

JOSEPH CARSON, CHIEF SECURITY SCIENTIST AND ADVISORY CISO, DELINEA  
 
February 1st is Change Your Password Day, celebrated each year to help raise password awareness. It serves as an important reminder to each and every citizen to create stronger passwords and utilize different passwords for all accounts. For most of us, passwords are the gatekeepers of our digital identities, guarding everything from our social media accounts to our financial information. It is important to make sure your passwords are strong, using a passphrase instead of a password, ensuring it is unique for each account, long, and easy to remember.
 
This year, Change Your Password Day should also be used as a recommendation to embrace newer, more secure methods of authentication. Consider adopting a password manager to move your passwords into the background, while keeping them secure. Additionally, Multi-Factor Authentication (MFA) is becoming a norm, offering an additional layer of security, making it harder for unauthorized users to gain access. Soon enough, reliance on traditional passwords will be a thing of the past, but in the meantime, remember your digital security is only as strong as your weakest password! 

++

CHRISTIAN FUNK, LEAD SECURITY RESEARCHER, KASPERSKY

Ten years ago it was assumed that simply changing your password would increase security. However, the human factor has been ignored as people tend to make it as easy as possible for themselves. As a result, passwords become less complex, and therefore less secure. Instead of changing your password regularly, it's much more important to use strong, unique passwords for each individual account. A strong password consists of at least 16 characters and a combination of upper and lower case letters, numbers and special characters. A separate password should be used for each account. Of course, a lot comes together when using various social networks, online banking, subscriptions and the like. A password manager solution can help here. This not only manages the passwords securely, but also helps with their creation. In addition to a strong password, I recommend using two-factor authentication wherever possible. It offers an additional level of security.

++

PATRICK HARDING, CHIEF ARCHITECT, PING IDENTITY

The concerns and frustrations of passwords have become considerably heightened in recent years. Traditional passwords increase the risk of data breaches, and people are frustrated with having to manage too many different passwords, or overly complex passwords, or instead choose to reuse the same password on multiple sites, further increasing the risk to themselves and the organizations they work for.

Passwords are an outdated default at a time when more secure alternatives exist and offer a better digital experience. Passwordless authentication replaces traditional passwords with more user-friendly, secure methods, like a mobile device or biometrically protected passkey. On “Change Your Password Day,” let’s celebrate the security passwords once offered, and evolve towards a passwordless future that offers better, and more secure, digital experiences for all.

++

GEOFFREY MATTSON, CEO, XAGE SECURITY

Passwords play a ubiquitous role, particularly at access points crucial for the operations of industrial control systems. These systems are integral to critical infrastructure, spanning energy, utilities, defense, transportation, manufacturing, and related industries. On this "Change Your Password Day," my directive to operators of industrial systems is clear: while transitioning from single authentication and passwords to multi-factor authentication is achievable, the crucial factor for robust protection lies in the approach adopted. The recommended path forward is eliminating the use of default passwords and working to implement Multi-Factor Authentication (MFA).

Real-world operations are susceptible to significant system shutdowns through targeted attacks, affecting crucial services and community safety, all while impacting the financial bottom lines of operators. Securing complex environments with a mix of IIoT and legacy systems is challenging. Many operators, especially those with legacy equipment, rely on single-factor authentication like passwords. As CISA’s Secure By Design alert calls out, common pitfalls such as credential reuse and default passwords leave organizations vulnerable. Recognizing these limitations requires a more comprehensive security strategy to protect these critical operations.

In addressing the demand for secure critical infrastructure systems, the solution goes beyond password changes or transitioning to multi-factor authentication (MFA). Nearly one million attacks successfully bypass MFA, often through MFA fatigue attacks (also known as MFA bombing attacks). Additionally, industrial systems are not inherently designed to support MFA, making it unreliable for protecting essential services. Operators cannot depend on the traditional MFA integrated into equipment for robust security.

Critical infrastructure needs multi-layer MFA designed to combine Zero Trust access control with a defense-in-depth authentication strategy. Every protected device and user on the network is fingerprinted, so hackers can't infiltrate further if an authentication factor is compromised. This layered MFA lets organizations enforce defense and keep crucial systems online.

++

WILL LASALA, FIELD CTO, ONESPAN

With more business conducted online than ever, passwords have become a pivotal part of safeguarding our sensitive information, transactions, and digital identities. Every time you type in your password online, you share part of your digital identity, opening up opportunities for data to be compromised. While consistently changing passwords is crucial to upholding security postures, it is just the first step.

While companies should also adopt effective multi-factor authentication (MFA) solutions, they should keep in mind that these solutions must be designed to securely separate the generation of one-time passwords (OTPs), ensuring that only the authorized user can utilize the OTP. The use of SMS, email, or voice-based authentication poses a risk, as it exposes the OTP to an unprotected communication channel in clear text, making it susceptible to interception by anyone who can read or hear the message.

To counteract such threats, organizations should transition to more robust two-factor authentication (2FA) methods. Hardware and software token generation apps or FIDO technology offer a stronger defense, thwarting attacks that exploit vulnerabilities in less secure forms of MFA. For businesses that process high-value transactions, MFA and 2FA still may not be enough, and these companies should explore high-assurance passwordless authentication devices, such as physical passkeys with fingerprint scans. Phishing-resistant passwordless authenticators provide enhanced defenses against phishing and other attacks that capitalize on weaknesses in less sophisticated MFA methods. In our rapidly evolving threat landscape, ensuring the resilience of online security practices must be a priority for businesses of all sizes – or you may find yourself – and your customers – at risk.

++

DYLAN OWEN, CHIEF ENGINEER, CYBER PROTECTION SOLUTIONS, RAYTHEON, AN RTX BUSINESS

As sensitive data across organizations continues to proliferate and these organizations continue to expand, the importance of password protection grows exponentially. Data vulnerability is at an all-time high, and in order to properly and effectively prevent infiltration and exposure of this invaluable information, organizations must establish a sense of awareness and urgency by taking the necessary steps to keep their data protected. While organizations may be resistant to changing their old ways, due to a sense of familiarity and costly alternatives, the risk is far too great to not take proactive measures now. For example, multi-factor authentication and password managers are effective in simplifying the complexities of password tracking, while also keeping data secure and protected. Not only will these measures be more productive, but the mere integration of them will help build more security awareness across organizations, which is essential to the longevity of an organization’s cyber defense.

##

Published Thursday, February 01, 2024 7:36 AM by David Marshall