Celebrating World Password Day: Your Guide to Unbreakable Password Practices

Happy World Password Day from all of us at CloudShepherd Limited! Today marks a special occasion dedicated to bolstering our defences in the ever-evolving digital landscape. Initiated by Intel in 2013 and celebrated every first Thursday of May, World Password Day serves as a timely reminder of the critical role robust password practices play in safeguarding our digital identities—whether you’re a solo adventurer in the digital realm or part of a colossal enterprise.


The Ripple Effects of Weak Passwords

The essence of World Password Day lies in recognising that a single compromised password can unleash a domino effect of security breaches throughout an organization. Consider this—54% of employees reuse their passwords across multiple platforms. If a hacker cracks just one password, they might gain the keys to multiple other critical systems.

Data breaches stemming from such compromises are costly affairs, with an average hit of $4.5 million, as per the IBM Security Cost of a Data Breach Report 2023. Moreover, these breaches are amongst the most prolonged to rectify, taking months to detect and contain.

Elevating Password Security in Your Organisation

World Password Day is the perfect juncture to engage with your team about stepping up their password game. Here’s how you can tighten the bolts:

  • Implement Stringent Password Policies: No reusing old passwords, mandate frequent updates, and set requirements for complex passwords that include a blend of upper and lower case letters, numbers, and symbols.
  • Promote the Use of a Password Manager: Simplify password management without sacrificing security by adopting robust password managers that can generate and safely store complex passwords.
  • Advocate for Multi-Factor Authentication (MFA): Add an extra layer of security by enabling MFA. Encourage the use of authenticator apps over SMS-based verification to enhance security protocols.

Why Robust Password Hygiene Should Be Everyone’s Business

It’s a common myth that cyber criminals only target the big players, leaving smaller entities under the radar. Likewise, individuals in large corporations might think, “I’m just one among thousands—surely, I’m not at risk?” These assumptions are dangerously misleading and expose businesses to significant cyber threats.

Our insights, backed by findings from the 2023 FBI IC3 Report, highlight that credential phishing tops the chart for cybercrimes affecting all scales and sectors of business. What’s more, attackers are not just after the big fish; anyone within an organization, especially those handling sensitive roles in finance and HR, is a prime target.

Understanding the Importance of Password Safety

In our increasingly digital world, the significance of maintaining robust password hygiene cannot be overstated. Passwords act as the first line of defense against unauthorized access to your personal and business accounts. As we approach World Password Day on May 2nd, it’s a perfect time to reassess our password practices and ensure we’re doing all we can to safeguard our digital lives.


Tips for Creating Memorable, Secure Passwords

Creating a password that is both secure and easy to remember might seem challenging, but it’s achievable with the right approach:

Use a passphrase: Consider a sequence of words or a sentence that you can easily recall. For example, “My dog barks at 2 cats!” has high entropy due to its length and mix of characters.

Incorporate personal touches: Customize your passphrase with details meaningful only to you, making it less guessable. For example, “BlueHouse52#Road!” could represent a personal memory or favorite place.

Employ mnemonic devices: Create passwords using the first letters of each word in a phrase or song lyric you enjoy. For example, the phrase “I love two things: chocolate and vacations!” can be turned into “10Chocolatevacaction?”

Add complexity subtly: You can increase entropy by changing letters to numbers or symbols that still make sense to you, such as replacing ‘E’ with ‘3’ or ‘S’ with ‘$’.

Use a password manager: To keep track of your different high-entropy passwords, consider using a password manager. These tools can also generate strong passwords for you and securely store them, modern browsers such as Edge have built in functions for storing password and password generation which really takes away from the hassle of this.


The Role of Regular Updates and Unique Passwords

It’s crucial to not reuse passwords across multiple sites. If one site experiences a security breach, all accounts using the same password could be compromised. Regularly updating your passwords and ensuring each account has a unique password diminishes the risk of unauthorized access.


What is Password Entropy?

I thought i’d leave the funnest part till last, one of the most important things to rememeber is entropy this is the calucation of how secure your password is, the formula is H=L×log2(N) looks scary but it isn’t

  • is the length of the password.
  • is the number of possible symbols for each character in the password.

  • is the entropy, measured in bits.

log2(N) gives the number of bits necessary to represent N different symbols, and multiplying this by the length L of the password gives the total entropy of the password in bits.

Let’s say you have a password with 12 characters that can include lowercase, uppercase, digits, and 10 special characters (total 72 possible characters). The entropy calculation would be:

  • Calculate N (total possible characters): 72
  • Compute log2(72) to find the entropy contribution per character.
  • Multiply by the length L of the password

Therefore, the total entropy for this 12-character password would be about 74.04 bits. 

Heres a little cartoon to make explain

What’s the take home?

To boil it down to the simplest form:

1. Make your passwords as long as possible
2. Make sure you use different password for each of your accounts
3. Use MFA where ever possible

Happy password day everyone from Cloud Shepherd!!


Test Drive our Products Today

As a specialist in cloud computing and secure connectivity, we are experts in creating the right remote working environment to connect your people and deliver results.