The growing reliance on technology means that in the current digital landscape, cybercrime is increasing and so is the need to implement robust cybersecurity measures to safeguard sensitive information in both businesses and individuals. 

One of the most prominent cybersecurity issues can be easily managed through implementing a secure password system which creates a strong barrier, making it hard for attackers to breach accounts and access vulnerable data.  

In 2023, Verizon has found that 74% of data breaches involve human error, including weak or compromised passwords.  

The Bitwarden World Password Day Survey in 2024 found that 36% incorporate personal information into their passwords which raises the concerns about password strength and security as well as the lack of understanding about the security benefits of passkeys and Multi-Factor Authentication (MFA).  

Here are some tips on creating a secure password that safeguards your information and mitigate the risk of credential harvesting: 

1. Building Strong and Unique passwords 

• With the rise of social engineering attacks, it is important to avoid using easily guessable and personal information in passwords and instead create a complex and unique password for each account.  

• A strong password should have the following characteristics: 

• At least 14 characters- however the longer, the better. 

• Combination of both upper and lowercase letters, numerals and symbols. 

• Avoid common phrases or guessable sequences. 

• Instead, include passphrases- a series of random yet memorable phrases or words that are more secure or easier to remember. 

• Change once every three to six months and are not reused for other accounts.  

2. Implementing MFA 

• MFA is an additional layer of security measure requiring users to verify their identity through multiple factors such as passwords, a mobile device linked or sometimes biometric authentication. 

• Not only does it prevent unauthorised users from accessing accounts in the case or a compromised password, but it also provides an alert whenever it detects suspicious login attempts. 

3. Enhancing Security with a Password Management System 

• Password managers allow users to effortlessly create and securely store complex passwords for each account. They often include random password generators which help the creation of strong and unique password combinations to enhance the security of the account.  

• Another benefit of password managers is the ability to streamline access through automatic login to websites and applications, allowing users to save time whilst maintaining robust account protection.  

4. Adopting Passkeys  

• Passkeys is a standard-based technology designed where users log-in with a device-generated unique cryptographic key, eliminating the need of usernames and passwords whilst offering a more secure and convenient authentication method.  

• Additionally, passkeys are inherently resistant to phishing attacks, as they rely on cryptographic keys. This approach prevents unauthorized individuals from accessing the account, providing a higher level of security for your accounts. 

Holistically, weak or compromised passwords account for over 80% of security breaches, making them one of the most critical vulnerabilities in cybersecurity. Implementing the majority of the recommended measures can significantly enhance overall security. However, we strongly advocate for adopting all these strategies to establish a comprehensive and formidable defense against cyberattacks, ensuring greater protection for your systems and data.