On May 4 we celebrated World Password Day: an occasion started by Intel to create awareness around strong password practices. Here’s why:
- The #1 most commonly used password in 2022 was “password”, the second was “123456”, and the third was “123456789”. (NordPass)
- An estimated 3.4B phishing emails are sent each day. Malicious links included in 170M of these will be clicked on within an hour of receipt. (FireEye)
- Phishing schemes have caused serious data breaches to major corporations like Meta, Google, and Sony.
Ergo, it’s safe to say that Baby Boomers aren’t the only ones struggling to create and manage their login credentials responsibly. But even if you are using unique passwords, and even if you aren’t bamboozled into handing them over willingly, AI can crack passwords in seconds.
That’s why we think the best thing you can do to keep your passwords safe is to eliminate them altogether. So in the spirit of the best password being no password at all, BeyondID proposes World Passwordless Day on May 5.
AI can crack passwords in seconds
PassGAN is the AI tool cracking your passwords faster than ever – a program informed by real credentials and capable of generating guesses to crack 51 percent of common passwords in less than one minute.
So what can you do to make your passwords harder to guess?
- Always use strong password patterns
- Change your password regularly
- Never use the same password across multiple accounts
- Always enable multi-factor authentication (MFA)
- Use a password manager
But these precautions only work as well as they’re applied, and with available safeguards like MFA still grossly under-used, it’s clear that users are reluctant to complicate their sign-on process.
A better solution: upgrade your identity platform and go passwordless.
Okta customers can now go Passwordless with Okta Identity Engine (OIE)
“Passwordless” describes any method of authentication that prompts users to prove that they either have something or they are something without entering a password. Methods such as magic links, one-time codes, and push notifications can prove possession of other devices/accounts associated with a digital user. Biometrics like fingerprints, retina scans, and Face ID can prove that someone is the user they’re claiming to be.
No longer a buzzword, passwordless is fast becoming a must-have feature for future-oriented organizations. So how can you go passwordless?
As one of a select few Okta Apex partners, it’s no secret that we recommend taking a look at the Okta Identity Engine (OIE). In our opinion, it is the best and simplest way to add passwordless technology without vendor sprawl.
Don’t stand by while hackers crack your organization’s customer and workforce passwords. This Passwordless Day, let BeyondID help you say no to “sitting duck” passwords.
Happy World Passwordless Day 2023!