World Password Day

It’s World Password Day, which sadly continues to mean absolutely nothing. 

While many other proclaimed “days” are meant to celebrate or show appreciation for a special group, occupation (it’s also National Nurses Day) or even food (it’s both National Beverage Day and Crepe Suzette Day), World Password Day is more akin to that frantic round of toothbrushing and flossing you meant to do before your annual dental checkup, but never seem to get done. 

Passwords, like flossing, are a basic part of hygiene–cyber hygiene–that we too often neglect the other 364 days of the year.

Take the time this year, if only for one day, to review your password practices and maybe pick up a few good habits:

  • Don’t reuse passwords: If everyone were to heed this one piece of advice, we wouldn’t need a World Password Day. Unfortunately, surveys show that a majority of us continue to reuse the same passwords online, a figure that is probably higher than people admit. Don’t reuse your passwords.
  • Enable 2-Factor authentication: 2-Factor Authentication, or 2FA, is simply adding a second step to the standard username/password login process. This is typically done via email or text that belongs to the account holder. Facial recognition, thumbprint scans and hardware keys are alternate forms of authentication. 2FA is by no means hacker-proof (virtually nothing is), but it can add a second barrier between them and your account.
  • Consider using a password manager: If you insist on using the same password across multiple sites, consider using a password manager app, which can automatically generate random and difficult to crack passwords through a single account with one hopefully unique and hard-to-guess password and 2FA protecting it. If you go this route, be sure to do your homework: Never use a “free” password manager app and check reviews to make sure the service you use is legitimate and hasn’t been breached.
  • Don’t use easy to guess passwords: While I applaud anyone who doesn’t reuse passwords, I would be remiss if I didn’t qualify the advice from the first point: Don’t make them easy to guess. Using “password123,” “password456,” “password789” doesn’t add much in the way of security; if one or more of these passwords is breached, it’s not hard to spot the pattern.
  • Be careful when you enter your password: There’s a method that hackers use, often in concert with phishing emails, where they clone or spoof familiar login screens as a means of tricking their victims into sharing their credentials. Double check the URL of sites when entering your login and password and check for the telltale signs fo trouble like misspellings.
  • Monitor your accounts: It can take months for a data breach to be discovered. This World Password Day, pay extra attention to unusual activity on your accounts. Doing so may alert you to a compromise of your password or credentials.