Cyxcel comments  on World Password Day

​

On World Password Day, we talk to Michela Resta, Data Privacy and Cyber Security Solicitor, at CyXcel about why social media is fast becoming a vital building block for hackers.

“Everyone knows they shouldn’t use their child’s name or their date of birth as a password.  But the real habitual change comes when people understand why. We live our lives online.  A quick scroll through social media can reveal your children’s names, your football allegiances, or the street you grew up on.  This data, while seemingly innocent, can become the building blocks of a hacker’s social engineering playbook.  It’s therefore advised that passwords steer clear of anything that can be gleaned from your social media feed and instead adopts a mix of upper- and lower-case letters, numbers, and special characters.”
 
“World Password Day is not just important for individuals; organizations also have a role to play.  For organizations, good password hygiene is not just having a password policy but enforcing it.  If a policy mandates ten-character passwords with a mix of symbols, numbers, and uppercase letters it is fundamental that your systems back this up and does not let users bypass the rules or recycle their old passwords.”
 
“However, we must all remember, passwords, no matter how strong, aren’t ‘hacker’ proof.  Even with Multi-Factor Authentication, risks like device compromise and social engineering can lead to a breach . This underscores the importance of organizational resilience.   It is essential that organizations not only implement strong cyber security measures but also maintain a well-developed and regularly tested incident response plan.  Conducting tabletop exercises can ensure that in the event of a breach, organisations are equipped to respond effectively and minimise impact.”