
Palo Alto Networks shares steps for improving password security

Weak or strong? On World Password Day, cybersecurity company Palo Alto Networks reminds people to be more conscious of the strength of their passwords because they are one of the most attacked threat vectors that cybercriminals can use.

Admit it or not, many people who use any digital service either recycle their passwords for multiple websites or use the most obvious figures such as birthdates. Consider that your pet’s name or mother’s maiden name is often the given security question to gain entry in most web portals, especially when you have to reset passwords.

Citing available research, Palo Alto Networks said 91% of people know that using the same password on multiple accounts is a security risk, yet 66% continue to use the same password anyway.


While industries are looking at a passwordless digital life in the future, passwords remain a vital security measure. Companies, especially financial institutions, have resorted to 2FA (two-factor authentication) and MFA (multifactor authentication) and some have been migrating to biometrics.

Strengthen your passwords

Steven Scheurmann, regional vice president for ASEAN at Palo Alto Networks, provides simple and effective measures to make passwords the primary guardian of your personal and professional accounts:

  • Set guidelines for passwords that prevent password spraying: Ensure long passwords with a good mix of different character types — letters, numbers, and special characters. An 8-character password is easier for a computer to guess than a 16- or 24-character password.
  • Avoid vulnerable passwords that are easily guessed or already compromised. If you Google “commonly used passwords,” you’ll see a list that any attacker uses when trying to guess passwords. If there is a default password on an internet-facing device or even internally, change it ASAP.
  • Avoid reusing passwords: Everyone hates remembering passwords; one great option is using passphrases. We can use them to create unique passwords that are easy to remember. Be wary of password managers; several have been hit recently, and some of them multiple times. But they can also be an option.
  • Require password updates at set frequencies: This is a pain, but consider it the standard operating procedure for business risk reduction. It doesn’t take that long to do and helps secure the organization if a set of credentials is stolen or phished somehow.
  • Use multi-factor authentication methods: If a password is stolen or guessed, no matter how hard you’ve tried to be unique, having other methods to confirm it is you trying to get to a resource or a web service you use is vital. Many different cloud, security, and operating system vendors have a multi-factor authentication app that you can install on your phone to link to almost every website that supports it.

“By taking these steps, individuals and organizations can help improve their password security and protect their online accounts and personal information,” Palo Alto Networks said. 
