Rethinking the Role of Compliance

World Password Day 2023

What is World Password Day?

First, let’s start with some history of passwords. The concept of passwords dates back thousands of years, to ancient civilizations that used secret codes and symbols to protect sensitive information. For example, the ancient Greeks used a scytale, a cylinder with a strip of parchment wrapped around it, to encrypt messages by writing the message in a spiral pattern around the cylinder.

In the modern era, the first computer password was used in the Compatible Time-Sharing System (CTSS) at the Massachusetts Institute of Technology (MIT) in the early 1960s. These early passwords were simple and easy to guess, and were typically used to restrict access to computer terminals.

As computers became more prevalent in the 1970s and 1980s, the use of passwords became more widespread. However, security practices were not yet well established, and many passwords were still weak and easily guessable.

In the 1990s, as the internet became more popular, the need for stronger passwords and more robust security practices became apparent. The first secure password storage systems, such as crypt and the MD5 hashing algorithm, were developed during this time.

Today, passwords remain a critical part of online security, but they are often supplemented by additional security measures such as two-factor authentication and biometric authentication. As the threat landscape continues to evolve, the history of passwords serves as a reminder of the ongoing need for strong and secure authentication methods.

World Password day is less of a celebration and more of a way to reevaluate any passwords that may in need of an update.

How do hackers access passwords?

Unfortunately, it can be relatively easy for hackers to crack passwords, especially if they are weak or poorly protected. Hackers use various techniques such as dictionary attacks, brute force attacks, and social engineering to crack passwords.

Dictionary attacks involve using a list of common passwords to attempt to guess the correct one, as many people still use common and easily guessable passwords, such as “password” or “123456,” which make their accounts vulnerable to hacking.

Brute force attacks use automated tools to try all possible combinations of characters until the password is cracked.

Social engineering techniques involve tricking users into revealing their passwords through phishing emails or other means, and is a very common method of compromising passwords.

How can I keep my passwords safe?

  1. Use strong passwords: A strong password should be at least 12 characters long, include a combination of upper and lowercase letters, numbers, and symbols, and not contain any personal information.
  2. Use a different password for each account: Using a unique password for each account reduces the risk of all your accounts being compromised if one password is compromised.
  3. Use a password manager: A password manager securely stores all your passwords and generates strong passwords for you. This way, you only have to remember one master password.
  4. Enable two-factor authentication: Two-factor authentication adds an extra layer of security by requiring a second factor, such as a code sent to your phone, in addition to your password.
  5. Be wary of phishing scams: Hackers may attempt to steal your password through phishing scams, which are emails or websites that look like legitimate companies. Always verify the legitimacy of emails and websites before entering your password.
  6. Change passwords regularly: Changing passwords regularly reduces the risk of them being compromised.

By following these best practices, you can significantly reduce the risk of your passwords being stolen and keep your accounts safe.

Below is a guide from Hive Systems, showing how long it would take a hacker to brute force your password in 2023.

Hive Systems Password graphic 2023

Others have also read ...

Blog

What is ISO 27001 Compliance?

ISO 27001 compliance involves adhering to the international standard for information security management systems (ISMS). This standard provides a systematic approach to managing sensitive information and ensuring data security.

Qmulos’ platform supports ISO 27001 compliance by automating the processes required to implement and maintain an ISMS. Our solutions provide real-time visibility into compliance status, ensuring that organizations can continuously meet the requirements of the standard.

Read More »
Press

Qmulos Recognized in 2024 Splunk Regional Partner Awards

Qmulos Named 2024 Regional Partner of the Year Winner for Outstanding Public Sector
Partnership – Qmulos, a next-generation compliance, security and risk management automation provider, announced today it has received the 2024 Regional Partner of the Year award for exceptional performance and commitment to their Splunk partnership.

Read More »

Request a Demo

Learn how QMULOS can help your company grow by scheduling a demo with our team.