Google celebrates World Password Day 2021 with hope for a passwordless future - SD Times
May 7, 2021
Today is World Password Day 2021, and while companies are touting the best password management practices, Google is hoping someday we won’t have to worry about them at all. According to the company, even the strongest passwords can be compromised.
“You may not realize it, but passwords are the single biggest threat to your online security – they’re easy to steal, they’re hard to remember, and managing them is tedious. Many people believe that a password should be as long and complicated as possible – but in many cases, this can actually increase the security risk,” Mark Risher, director of product management, identity and user security at Google, wrote in a blog post.
Currently, the company provides two-step verification to confirm the identity of users. To expand this feature, the company plans to automatically start enrolling users if their accounts are appropriately configured, Risher explained. In addition, the company is working on advanced security features to make a multi-factor authentication experience that’s even more secure than passwords.
“For example, we’ve built our security keys directly into Android devices, and launched our Google Smart Lock app for iOS, so now people can use their phones as their secondary form of authentication,” Risher wrote.
Until it can reach a point where passwords are no longer necessary, Google will continue to invest in tools and features that keep passwords and personal information safe. The company recently launched a password import feature that stores up to 1,000 passwords from third-party sites for free.
“One day, we hope stolen passwords will be a thing of the past, because passwords will be a thing of the past, but until then Google will continue to keep you and your passwords safe,” wrote Richer.
Ralph Pasini, president of Exabeam, explained World Password Day 2021 is more important than ever as organizations navigate to this new reality of working from home. “Cybercriminals will capitalize on any opportunity to collect credentials from unsuspecting victims. Just recently, scammers began preying on people eagerly awaiting vaccinations or plans to return to the office as a means to swipe their personal data and logins, for instance,” he said. “The most common attack technique that I often see in the breach reports that I read is stolen credentials. This is a never ending battle between the security industry and cybercriminals, but there are ways organizations can protect themselves against credential theft.”
Mathew Newfield, chief infrastructure and security officer at Unisys, believes there are two simple tips to create complex and sure passwords: 1. Use a private passphrase rather than a single word. 2. Create a password key. Together, passphrases can be transformed into complex passwords. And as a bonus tip, he recommends periodically changing your passwords.
Russell Reeder, CEO of...