World Password Day: Password Protection Needs a Fundamental Change


Let’s be honest, our digital lives have us drowning in passwords. The average person manages anywhere between 60 and 90 password-protected accounts--a number that goes up for IT professionals. In an ideal world, each password would be a unique set of randomly generated characters and numbers. But that doesn’t really happen. 

A 2019 Google study found that 75% of the Americans admit to struggling with so many passwords, that  many end up reusing the same password across multiple accounts. As a result, your office assistant may be using the same password for his/her system login as for social media - a scary thought but a very real one.

Weak passwords represent a cybersecurity threat for organizations already struggling with security compliance during remote work and the blurring of personal and professional spaces. In fact, more than 80% of data breaches involved brute force or stolen credentials. 

Organizations need to take a few extra steps to ensure that they don’t compromise on security while their employees are working at home. Improved last-mile endpoint security solutions paired with password best practices can help improve network security. Some techniques include: 

  • Detect Spam and Phishing attacks early

In 2019, 76% of businesses that fell prey to phishing attacks did so through fraudulent emails. Relying on end users to stay alert to constantly evolving tactics is not realistic and will always fail. A better solution is to ensure that  the entire security stack is using  the latest threat intel so that it can proactively detect malicious traffic and block phishing attacks.

  • Educate users to avoid human errors
    The weakest and most vulnerable link in any organization is the employees and the potential for human error. It is critical for security teams to continuously educate colleagues on password management best practices—such as unique and confidential passwords, regular password changes, and the use of password managers—and give them the tools to implement them.
  • Add an extra layer of protection with Multi Factor Authentication

Adding an extra layer of security with biometric or 2-step authentication offers better security, according to 65 percent of IT professionals recently surveyed on the topic. Even where biometric authentication is not always feasible, Multi Factor Authentication can block a significant number of attacks.

  • Leverage DNS-first Security Solutions

Organizations can leverage the benefits of a DNS-first approach for a wide variety of detection and protection purposes, both on and off-premises. Because it sits at the core of the network and touches every device that connects to it, DNS is a powerful tool that can be used to catch the more than 90% of malware that uses it to enter or exit a network. DNS layer security stops attacks such as ransomware, phishing, exploits early in the kill chain and close to the compromised endpoint, while  blocking DNS-specific threats like FastFlux, DGAs and DNSMessenger, that other tools miss.

  • Detect threats sooner with better visibility

Most organizations consider DNS to be a critical part of their investigation and response capabilities for the visibility it provides over the network. DNS, DHCP and IPAM provides critical forensic information that allows security operations teams to quickly triage and prioritize response to events.  

At the 2004 RSA Conference, Bill Gates predicted the death of passwords. Seventeen years later and passwords are not only still in use, but remain our primary method for accessing systems and user accounts. While options to strengthen the password like password managers and multi-factor authentication are being increasingly adopted, it remains apparent that they are insufficient. For better or for worse, passwords are here to stay, and so a fundamentally new approach is necessary to protect the network and individual users from data breaches and cyber attackers, one that gives security teams the ability to identify and block attacks before they happen.

Edited by Luke Bellos
Related Articles

IKIN Brings Hands-on Holographic Content Development Experience to Developers at ITEXPO

By: Erik Linask    6/10/2021

IKIN is giving developers a chance to learn first-hand how to create 3D holographic content at IKIN University at ITEXPO.

Read More

IKIN University, RYZ SDK Open Door to 3D World

By: Maurice Nagle    6/9/2021

Recently IKIN CMO Michael D'Arminio and EVP, Marketing Cody Oakland dished on how IKIN is deploying imagination - no, seriously. The IKIN RYZ SDK empo…

Read More

How to build a website in 6 steps!

By: Special Guest    6/9/2021

Creating a new website is not as easy as it seems. Because it involves designing and coding a website. If you don't know how to do things like that, i…

Read More

Setting Up a Home Office: The Dos and Don'ts

By: Special Guest    6/8/2021

The ongoing pandemic has forced many Americans to readjust in many ways, including shifting to remote work. Working from a home office no longer raise…

Read More

6 Ways Technology is Changing the Investing Landscape

By: Special Guest    6/8/2021

COVID-19 has changed the world of investing for good. In fact, 25% of investors are now considered "retail", which represents an all-time high. Tec…

Read More