News

World Password Day Is Here, but Its Days Are (Hopefully) Numbered

World Password Day Is Here - featured

Today may be World Password Day, but let’s heighten our security by working towards a day we don’t have passwords anymore.

The first Thursday of May each year is World Password Day. It’s been that way since cybersecurity professionals designated it as such back in 2013. The idea behind it is to remind us all to change our passwords to keep our digital security at its strongest. Most of us know we should update our passwords on the regular, but hey, we all get overloaded. So, having a day to remind us to do it is a good thing, at least until passwords go away.

Even longer ago, in 2005, security consultant Mark Burnett wrote the book on good password hygiene, literally. In his guide Perfect Passwords, he put to paper all of the password tips we still promote today. Don’t use the names of family members or pets, for example, and don’t use sequential numbers.

Over the years, those of us in the business have expanded on the foundation Burnett laid, which eventually begat the designation of World Password Day. We talk about layers of security, using two-factor authentication (2fa) and biometric security. But, that will hopefully soon be the past.

The future lies in passkeys, a newer technology we’ve covered in depth. Using passkeys, I don’t have to remember each of the hundreds of passwords I have for various logins. Passkeys replace those with cryptographic keys that you don’t have to remember. Your Mac or Windows 11 computer, or your phone, handles that for you.

Instead of having to remember your password, a passkey allows you to authenticate using a fingerprint, face scan, or secure PIN. It’s at least 50% faster than using a password, but it’s much more secure, since there’s no way to leak that cryptographic key to someone else.

Apple and Google both teamed up with the FIDO Alliance to make passwords a thing of the past. On the iPhone, passkey support was introduced in 2022, letting the device do all the heavy lifting for you of keeping your digital life secure while still letting you into it. Google quickly followed suit, rolling passkey support into Android in 2023. You can also use passkeys for a Google account easily.

More and more digital services allow you to replace or augment your password with a passkey. According to Google, passkeys have allowed people to authenticate themselves more than 1 billion times across over 400 million Google accounts in less than a year.

So, today might be World Password Day, but let’s keep pushing towards the future: passkeys. Maybe in another year or two, we won’t need the annual reminder day because…well…we won’t have passwords to change anymore.

However, keep in mind that passkeys are the future, but not all sites and services provide the technology. So, as a friendly reminder; makes sure to enable 2fa on all your accounts, and use a password manager like Bitwarden or the one built into your browser.

How many of your accounts can you use passkeys with? Let us know in the comments which ones you want to see next. Or, join us in our forum discussion for additional helpful tips.

1 Comment

1 Comment

  1. andrew

    May 5, 2024 at 9:56 pm

    this sounds like an absolutely terrible idea

Leave a Reply

Your email address will not be published. Required fields are marked *

 

To Top