This Thursday is World Password Day, and leading the celebration are Apple, Google, and Microsoft. Starting sometime within the next year, all three companies will embark on a joint effort and expand support for passwordless sign-ins across all devices and platforms.
If two heads are better than one, then the three-headed effort by the tech giants should be really powerful. For one thing, the trio promises users the ability to sign in through a single action that requires a device PIN or fingerprint verification. The new approach is designed to protect against phishing, and officials say the move will make sign-ins "radically more secure."
“The complete shift to a passwordless world will begin with consumers making it a natural part of their lives. Any viable solution must be safer, easier, and faster than the passwords and legacy multi-factor authentication methods used today,” says Alex Simons, Corporate Vice President of Identity Program Management at Microsoft.
“By working together as a community across platforms, we can at last achieve this vision and make significant progress toward eliminating passwords. We see a bright future for FIDO-based credentials in both consumer and enterprise scenarios and will continue to build support across Microsoft apps and services.”
Consumers need to protect themselves for now
Until the day when all our passwordless hopes come true, anyone who uses a digital device controls much of their own destiny when it comes to privacy and security.
What are some things that the public can do to honor World Password Day? ConsumerAffairs found five tips that various security analysts say could make their cyber use even more secure:
Stop using your pet’s name as your password. Aura, which deals in intelligent safety for consumers, found that more than 39% of American pet parents have used their pet's name as part of their password for an online account. That stat rises to 1 in 2 (50%) among pet parents between the ages of 35 and 44.
"Pet names are often widely known and easily searchable on social media or online,” Aura says.
Is your password something a family member can guess? In a survey of 1,000 Americans, ExpressVPN uncovered several distressing findings about password security. It found that 44% of people admitted to using personally identifiable information like their date of birth; that the average person uses the same password for six websites and/or platforms; that 43% of people say their loved ones would likely be able to guess their online passwords; and that 2 in 5 people admit to using a variation of their first and/or last name in online passwords they create.
The longer, the stronger. “It’s true that the longer a combination is, the harder it is to remember. But it is one of the best ways to keep information safe so make sure to use at least 8 digits to tighten up security levels,” says CheckPoint.
Chris Brooks, the founder of CryptoAssetRecovery, agrees and even suggests more firepower.
“People often think that adding symbols to a password makes it more secure. Given the firepower that hackers have at their disposal today, that isn't necessarily true," Brooks suggests. "Short complex passwords can be cracked in fractions of seconds. Complexity + Length is what makes passwords secure."
Check out the strength of your current password. Kaspersky, the anti-virus company, offers a password checker that can tell consumers how strong their passwords are. Before you commit to a password that you think no one on earth would ever figure out, it might be wise to test it out.
Netflix users should use caution. Netflix's recent move to crack down on password sharing has a silver lining for consumers.
"Keeping the use of a single account and password to a single user means fewer opportunities for identity theft, fraud, or other potential damages to the primary user," Nathan Wenzler, chief security strategist at Tenable, told ConsumerAffairs.
How bad could things get for password-lazy Netflix subscribers?
"As our online presence is increasingly tied to our financial services, shopping and delivery services and our reputations, it's becoming more important that we all take the credentials we use seriously and protect them as much as we can," Wenzler said.