Hands up. How many of you knew that Monday 5th of May was World Password Day? No. We didn’t know either. Apparently this was the fourth time that the world has celebrated it. Nope. We didn’t’ know that too.
The idea started in the United States and arose out of desire by the IT industry to increase awareness about a topic that catches just about everyone out, i.e. how to reconcile managing multiple passwords without writing everything down – and so compromising security.
Passwords, as everyone knows, are the bane of everyone’s lives, and as the risk of cyber-crime increases, so too does the need for everyone to be more vigilant, including changing their passwords on a more regular basis and using more complex combinations (Not surprisingly cyber-criminals find passwords like ‘password’ or ‘12345’ quite easy to crack!).
Travellers represent rich pickings for cyber-criminals. Backpackers who leave their smartphones lying around or those that take their work laptops on holiday with them pose the easiest and richest of them all.
Business people on holiday, in particular, represent a significant risk to their employers (as well as cause their IT security teams to tear their hair out) as their levels of security awareness drops with each Pina colada.
Because collecting and selling passwords and personal online credentials is very big business now. One hacker stockpiled more than 272 million passwords for major email services, including Gmail, Hotmail, Yahoo Mail and Mail.Ru, Russia’s No. 1 email service.
A similar incident made the headlines in the US in November, when nearly 600,000 Comcast credentials were posted on the Dark Web, a hidden series of websites where criminals can go to buy log-in credentials so as to break into your accounts.
So what were the main tips arising from World Password Day? The most common seemed to be as follows:
- Use complicated passwords
- Use a password manager
- Don’t use the same password for different accounts
- Change your passwords frequently
- Use multiple factors to log in
- Do not share your passwords
- Don’t use personally identifiable information
If this all seems quite a palaver, it will be as nothing if your online presence is compromised and your identity stolen.