It’s World Password Day—Why You Should Care

Today is World Password Day—and with cyberattacks up more than 200% over the last year, it’s more than a calendar date, it’s a call to action. When it comes to cybersecurity, passwords are one of the most targeted vulnerabilities in the security chain. And with misperceptions about what passes as a secure login and outdated websites limiting users to 12 characters or not enabling multi-factor authentication, it’s still a struggle to get secure passwords right—even in 2021.

That’s why WPD is dedicated to building awareness of best practices for secure passwords and why they matter. In this blog, we’ll brush up on the parameters, some shocking statistics, and alternatives in case you’re ready to give passwords a hard pass.

Are you making your personal or company accounts an easy target? Here are some caveats to keep in mind with your passwords:

• Don’t use repeat passwords.
• Don’t share passwords.
• 16 characters are the sweet spot.
• Include lower case, upper case, numbers, and special characters.
• Length beats complexity.
• Passwords should be tough to guess, but easy to remember.
• Do not use the word Password in your password.

Yes, weak passwords and poor login processes are plaguing the enterprise with accelerating ransomware attacks. That means your business staying in business could be one password away from disruption. Since the connected workforce has dominated the workplace, security risks are on the rise with users using passwords across applications and devices.

If this sounds alarmist, read on for some recent stats on passwords wreaking havoc on the business community:

• More than half of people use the same passwords for both personal and professional accounts.
• 57% of users scammed in phishing attacks still haven’t changed their passwords.
• 23 million account holders are using the password, 123456.
• The average password has eight characters or less.
• 43% of Americans have shared their password.
• 20% of Americans have shared their email account password.
• Only 37% of Americans leveraged two-factor authentication to secure logins in 2020.
• And still, fewer (34%) Americans change their passwords regularly.
• Just 15% use an online password manager.
• 27% of Americans admitted to attempting to guess someone else’s password, and 17% of them guessed correctly.
• 42% of organizations still rely on sticky notes as a password management strategy.

Now that we have your attention, let’s talk about SSO. The technology lets users—both on the internet and specific business members—access all their applications with a single username and password and no compromise whatsoever to security.

Even though SSO only uses one username and password for validation it’s still more secure than that post-it note full of passwords. SSO technology makes it tougher for hackers to gain access to any of the associated accounts. So users can have one name, one password, and an extra layer of security. That extra layer is mission-critical now with the volatility of a remote workplace.

SSO Increases User Satisfaction While Reducing IT Requests

Many users expect that SSO is a given—already using single sign-on authentication on their smartphones and home devices. As a service, it’s something customers have started to expect from tech organizations—they appreciate not having to commit multiple passwords and usernames to memory.

Another big win? Your IT department will thank you because implementing SSO instantly reduces the number of calls, emails, and help desk tickets they receive on login issues and password reset requests. Because password fatigue is real—users have so many accounts that it’s easy to forget credentials.

Using SSO also helps your workforce make some major productivity gains. Think about increasing password requirements and frequently required password changes every 60-90 days. When users access multiple applications daily—with some passwords changing regularly—running into challenges is normal and basically inevitable.

Even worse, after a couple of failed attempted logins an already stressed-out user can be locked out of her accounts—sometimes outside of support hours—putting off priorities until she can regain critical account access.

Users are also more likely to apply secure practices when fewer logins are required. Using SSO, additional layers of security including two-factor authentication, or stricter password requirements are easier to enforce.