Actu
Comment from Fujitsu Cyber Security expert - World Password Day
May 2020 by Fiona Boyd, Head of Enterprise and Cyber Security at Fujitsu
The commentary from Fujitsu, on World Password Day.
Fiona shares her thoughts on the importance of password security and the preventative steps that consumers must take, at work, home and otherwise.
Fiona Boyd, Head of Enterprise and Cyber Security at Fujitsu:
“Passwords have long been the foundation of securing access to data and systems and, when used properly, are one of the first lines of defence against cyberattacks. Their importance in cyber defence makes them highly valuable to cyber attackers – obtaining a password can be the first step to accessing systems and data illegally. This can be exacerbated when one password provides access to multiple systems, such as with single sign-on approaches.
“There are many sophisticated ways of protecting systems through one-use passwords and systems that filter access. The following steps are crucial for individuals to maintain good password discipline:
1. Make passwords complex to ensure that they are difficult to guess – It is well known that many people use very simple and often similar passwords to protect their systems, as they are easier to remember. This practice is well-known by attackers who have been successfully leveraging this for many years. Increasing the complexity of passwords reduces the potential for an attacker to successfully guess and misuse access credentials. Anecdotally we suggest that using sentences as your password makes it harder for attackers to successfully guess them.
2. Do not use the same password across different systems – Attackers have been able to successfully exploit situations where passwords have been used across different systems to breach company networks. One such example is an executive using the same password for their personal sports club account and for their work accounts. As the club would be less likely to use such stringent security controls, attackers would be able to obtain the user’s details from there and use these to access corporate systems. Using different passwords across different systems provides an additional level of threat containment.
3. Use passwords as part of the equation – Using passwords as part of a dual- or multi-factor authentication process reduces the risk of attackers being able to breach a system. Passwords combined with measures such as biometrics significantly increases the complexity for attackers to have to work through and acts as a deterrent.”
