World Password Day as seen by Kaspersky

Each year, the first Thursday in May is the event that represents World Password Day.

An opportunity to put cards on the table on the different practices of using this mode of connection protection as well as the hygiene in computer security as a whole. If it is decried on both sides, we cannot deny that the password is the main way to protect connections and the use of digital services.

This article will also interest you: World Password Day: Should we get rid of the password?

In terms of the security of personal data, this is an issue that is still relevant today. Indeed, the massive use of digital solutions forces the Internet user to constantly leave information about him everywhere on the platforms he 'use. According to a study conducted by DoubleVerify, the time spent by a daily actor in front of online content has literally doubled since the coronavirus pandemic. Today and 6 hours 59 minutes.

According to a study by Kaspersky called "Consumer appetite versus action: The state of data privacy amid growing digital dependence":

  • 31% of those surveyed said they had experienced an intrusion into their digital device;
  • Half of them admitted to having suffered financial losses;
  • 28% of users say they have either been the victim of computer hacking or attempted intrusion, especially on social networks.

Faced with all this reality, the relevance of passwords is pointed out. Especially when we see an increase in the power of certain authentication practices such as biometrics or the double factor. Faced with this situation, computer security researcher Ivan Kwiatkowski nevertheless says that the password remains one of the most effective techniques to protect against cyber malice.

"The proliferation of sites requiring a password has led to the limitations of memory: how to remember a hundred (minimum) secret codes generated for a multitude of online services? The acceleration of digital usage has involved changes in security practices, including the use of the password. A data leak on one of the sites where an account is available, or a brute force attack will then become particularly serious if it allows the attacker to access all of a victim's accounts. he notes.

"That's where the need for the strong password comes in. When the password is found in the wild and a malicious individual wants to obtain it, the number and variety of characters will impact the time it takes to decipher. If the attacker manages to discover the original password, another type of attack comes into play: credential stuffing, which involves testing logins and passwords on many websites. The unique password is then required so that a security flaw only has an impact on the site where it was used. He adds.

Even if several means of fortifications develop, the password can be condemned to a certain purpose.

"No, even if it no longer exists in its original form thanks to very useful tools: password managers that exist in open source form, via dedicated tools like KeyPass, Mooltipass or via publishers (Kaspersky Password Manager for example). They generate complex passwords and memorize them. No excuse not to use them because some of these tools are free. Most of these managers offer the ability to synchronize data on our various devices. Perfectly secure, if used well, these managers can restore the crest of this first bulwark against account compromises: the password. All we have to do is remember the unique input sesame to the tool and then let the password manager do everything else. Kaspersky's expert explains.

The password remains essential. No matter what they say, it would be literally difficult to get rid of it. Because all alternative modes of account security also have their drawbacks.

Now access an unlimited number of passwords:

Check out our hacking software