Blog

World Password Day

World Password Day
Userlevel 7
Badge +18

Today is World Password Day and we wanted to take that opportunity to have a discussion with our community about “Password Integrity”. 

With every passing year, it seems like we need five more accounts for our business and personal lives. That means five new passwords and five new opportunities for someone to access your information or steal your identity. On top of all that, how many of you can honestly say you use a unique password for every one of your ever-growing list of online logins?

The truth is, it has become nearly impossible to create and remember long, secure passwords for all of our online accounts. The solution that most people have begun to adopt is the use of a password manager such as LastPass which is included in SecureAnywhere Internet Security Plus and Complete. Using a password manager solves a number of problems such as:

  • Generating randomized, secure passwords
  • Locks your huge list of account passwords behind a singular “master password” or biometric password such as a fingerprint/face scan
  • Distributes access to that list of passwords across all of your devices

While password managers are not flawless, they solve most of the issues make people and businesses vulnerable to data breaches and identity theft.

Making a password that would be considered secure consists of the following:

  • A password should be 16 characters or more; our password-related research has found that 45 percent of Americans use passwords of eight characters or less, which are not as secure as longer passwords. 
  • A password should include a combination of letters, numbers, and special characters.
  • A password shouldn’t be shared with any other account.
  • A password shouldn’t include any of the user’s personal information like their address or phone number. It’s also best not to include any information that can be accessed on social media like kids’ or pets’ names.
  • A password shouldn’t contain any consecutive letters or numbers.
  • A password shouldn’t be the word “password” or the same letter or number repeated.
    (Credit to Security.org)

I tried for years to create unique passwords that follow this set of rules and succeeded...for a while. Recently, I finally admitted to myself that I didn’t have the ability to memorize my 20+ unique passwords and was using the “forgot password” function far too often. Since adopting a password manager, I haven’t had to click “forgot password” because I only have to remember a singular, strong, master password to get access to the rest of them. It’s been such a level-up in my online life that I can’t imagine ever going back.

(For the record, I use KeePassXC since i prefer local storage)

What password solutions is our tech-savvy Webroot Community using? Cloud/Local password managers? Superhuman memory that never forgets 16+ character passwords? Leave us your thoughts in the comments below!

I’d like to credit much of the content in this post to our Writing team and this amazing World Password Day Blog they created. Go check it out to learn more about password integrity!

 


54 replies

Userlevel 7
Badge +20

I always love the idea of PHRASES. Most of my passwords are in my head and most are lines from movies or TV shows. I use the spaces between the words as my special characters [BTW some logins don’t allow spaces for PWs 😡]

I always make sure to change it up for each login or have a set pattern for certain types of movies for certain types of logins, I won’t go into detail for obvious reasons

I’m not going to give you a whole part

 

Userlevel 7
Badge +4

My favorite are the ones that don’t allow for special characters. Like, what are we even doing here?

 

Tyler’s way is pretty fun, but the older I get, the worse I am at password recall. I’ve been using a password manager, so just create gobblygook passwords I don’t have to remember.

 

Userlevel 3
Badge +1

@TylerM @FasteasyPhil  This isn’t something we offer today, however I will bring it to the team for discussion.

Thanks,

Chris

Userlevel 5
Badge +5

I wish passwords getting cracked were still a thing. Anymore, the passwords are handed over willingly through phishing emails.

Userlevel 7
Badge +4

We are currently trialling Password Boss. Would be keen to hear if anyone has toyed with it!

Userlevel 7
Badge +63

Strong and very safe passwords are a must these days and you need to change them up every once in awhile!

Userlevel 3

I know most people try and use the same password for everything, they run into problems when everyone has different rules for what makes s password secure enough. Password managers seem to be the only way but then technically you’re back to having a single password for the lot!

Userlevel 4

Use password generator. Password length - 16 symbols.

Userlevel 7

I use LastPass for my Password Manager. I use long passwords with Upper Case, Special Characters and Numbers for all accounts. My Master Password for LastPass is changed Monthly. I have over 100 accounts with passwords so I have divided them into four groups. Quarterly I change all passwords in one group. By the time a years is over, all account passwords have been changed. I have been doing this routine for years now.

Userlevel 7
Badge +54

Long and strong is what I aim for with a mix of characters, upper and lower cases and as many variations as I can and I also use LastPass as well.

 

Userlevel 4
Badge +5

An encrypted flash drive and text file are magic for password storage. 

Userlevel 7
Badge +63

An encrypted flash drive and text file are magic for password storage. 

I use to do something similar using a Text file then Password protected zip RAR file.

Userlevel 7
Badge +20

 

I didn’t know WR had a lastpass integration / bundle.  Is this available as an MSP product?

I’m not sure if that’s an option in business offerings will check with @csaunders 

Userlevel 4

I use Bitwarden for a min of 32 random char passwords for everything

SSO where possible. Otherwise MFA. 

Privately different usernames everywhere and generated passwords.

Userlevel 5
Badge +4

Password managers… as soon as I mention to a client the costs involved, they always shy away from it… Sad but true, but also understandable...

Userlevel 3

MFA and ensure that users changed the password monthly

 

Userlevel 4

Where possible, I use two-factor authentication. However, I entrust my passwords to ITGlue which, in addition to storing the encrypted passwords in the cloud, offers a valid random generator. The cost is not indifferent but the features included in the package are indispensable for an MSP.

Userlevel 4

Changing password monthly or every 2 months is a main thing.

Long password that has upper case lower case, special characters and numbers..…

Sometimes I use sentence with different language written in English letters.

Userlevel 2

I use Bitwarden password manager with a minimum password length of 32 random char (including special characters). Also SSO or MFA where possibile. As for the frequency of change, approximately every 2/3 months.

Userlevel 7
Badge +20

I wish passwords getting cracked were still a thing. Anymore, the passwords are handed over willingly through phishing emails.

too true

For me I also like the phrase or sentence to use as passwords 

Userlevel 7
Badge +4

I wonder how many tickets would be in my company’s support queue if none of them were password related!

Userlevel 7
Badge +20

I wonder how many tickets would be in my company’s support queue if none of them were password related!

 

Are password issues/resets really that much of IT support queue?

Userlevel 7
Badge +4

They are with my clients!!

Reply