Strengthen your passwords for world password day

Issue 4 2020 Cyber Security

“The recent headlines about 500 000 Zoom passwords being up for sale confirm how important it is that people change their password habits. Passwords are painful. I get it. But using the same password over and over again puts us at risk. My advice is using a password manager. This means you only have to remember one very strong password, and the password manager takes care of all the other ones. And wherever possible apply multi factor authentication. This is combining your password with something that you own, like a One Time Password app on your phone,” says Anna Collard, MD of KnowBe4 Africa.

Anna Collard.

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has launched a new kit to help people strengthen and improve their password management in recognition of World Password Day on May 7.

The National Cyber Security Centre in the UK found that the most hacked passwords that were used the most overall were as follows: 123456, 123456789, qwerty, password and 111111. First names, premier league football teams, musicians and fictional characters were also found to be popular password categories that are easily cracked.

“Contrary to popular belief, bad guys don’t actually need to crack weak passwords, they can just reuse the billions of passwords already available for sale on the dark web. Using a technique called “credential stuffing”; hackers use account details obtained from older data breaches,” says Collard.

According to the LastPass Psychology of Passwords Report, 91% of people know password reuse is insecure, yet two-thirds do it anyway. Half of respondents hadn’t changed their passwords in over the past 12 months even after hearing about a breach in the news.

“There’s a lot of debate out there about the best password policy and whether or not they should be long, short, how complex, etc.,” said Roger Grimes, data-driven defence evangelist, KnowBe4. “The National Institute of Standards and Technology (NIST) has drastically changed their advice recently, stating that long and complex passwords shouldn’t be required and they don’t need to be changed unless they’ve been compromised in some manner. This has been continuously debated and many security professionals do not agree with this advice. The most important thing to remember is to never reuse the same password for multiple sites. It’s also recommended to use multi-factor authentication whenever possible and a to use a password manager.”

The KnowBe4 World Password Day Kit is available to anyone who is looking to learn more about password best practices and includes:

Complex password guide

Video by Kevin Mitnick on how easy it is to crack a password  

• KnowBe4’s complimentary Password Exposure Test

For more information on KnowBe4, visit

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Work from home securely
Issue 5 2020 , Cyber Security
First Consulting provides enterprise-level IT security to working-from-home employees at more than 40 South African organisations.

Agility, meticulous alignment and testing
Issue 5 2020 , Cyber Security
Data loss can put the nails in the coffin for unprepared businesses. Investing in cyber resilience is key to succeed in the age of digital transformation.

Cybersecurity comment: Cyber threats remain relentless
Issue 5 2020, CA Southern Africa , Cyber Security
Over 80% of email-based threats in Q1 2020 leverage COVID-19 in some form to feign legitimacy to the end user.

11 essential steps to reinforce cybersecurity
Issue 5 2020 , Cyber Security
Wayne Olsen has compiled a guideline to ensure that businesses and their employees are protected while working remotely.

Cybersecurity comment: Securing the real endpoint
Issue 5 2020 , Cyber Security
The corporate perimeter is fast becoming irrelevant, as the so-called security boundary extends to wherever an Internet connection exists.

Don’t squeeze your cyber assets
Issue 5 2020 , Cyber Security
Inadequate investment in cybersecurity is directly related to the spate of cyberattacks we’re seeing in South Africa now.

Cybersecurity comment: Create layers of security
Issue 5 2020 , Cyber Security
Any organisation, whether large or small, public or private, should follow an established framework in order to protect itself against cyber threats.

Next-generation security operations centre
Issue 4 2020, AVeS Cyber Security , Cyber Security
Pay-as-you-use cybersecurity from AveS allows all businesses access to world-class expertise.

Tips on secure remote working
Issue 3 2020 , IT infrastructure, Cyber Security
NordVPN advises how to stay secure while working from home during the coronavirus outbreak.

The Trojan that’s nearly impossible to remove
Issue 3 2020, Kaspersky , Cyber Security
xHelper – the Trojan that’s nearly impossible to remove – continues to infect thousands of devices. How can you stay safe?