Uzone.id – Let’s stop using a date of birth, a pet’s name, or a simple combination of numbers as a password.
Passwords are created to protect accounts from unauthorized access and keep personal information safe. Using a simple password will make it easier for others to break into your account.
In addition, even the most advanced security system will be useless if you use a simple password.
However, is a complex password impossible to break? Not really. At the very least, having a strong password will help reduce the risk of hacking. With a mix of letters, numbers, and special characters, it is difficult for hackers to crack passwords with brute force.
Brute force attacks, in which hackers systematically guess passwords, account for 20% of account breach cases over time.
In addition, complex passwords are not vulnerable to dictionary attacks, and the risk of credential theft attacks is reduced. Credential theft usually happens when the same password is used for several accounts and is accidentally leaked, so that it can be used to access other sites.
Although it sounds trivial, applying basic rules to create passwords will minimize the risk of account break-ins. Here are the basic rules for creating passwords:
Create a password with a minimum of 8 characters. Mixing uppercase and lowercase letters and numbers does look safer. However, if you are worried about forgetting it in the future, create a password with a mixture of letters and six (minimum) numeric characters.
Recently, using passphrases has been considered much safer than making a series of complicated sentences. A passphrase is a combination of words arranged randomly.
Example:
- Spiderman riding a horse in the afternoon
- Ariana Grande goes to Singapore
- Bruno Mars is eating dim sum in Hong Kong
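The passphrase idea above, as an added example that is not part of the original article: it picks words with a cryptographic random source and compares the brute-force search space with that of an 8-character password. The 32-word list is constructed for illustration, and the 7776-word figure (the size of Diceware-style lists) is an assumption of this example.

```python
import math
import secrets

# Constructed sample list (32 words = 5 bits per word), for illustration only.
# A real list should hold thousands of words so each word adds more entropy.
WORDS = [
    "anchor", "basket", "candle", "desert", "engine", "forest", "garden", "harbor",
    "island", "jacket", "kettle", "ladder", "marble", "needle", "orange", "pillow",
    "quartz", "ribbon", "saddle", "tunnel", "umpire", "velvet", "window", "yellow",
    "zipper", "bridge", "copper", "dragon", "falcon", "glider", "hammer", "jungle",
]


def generate_passphrase(n_words=5, words=WORDS, sep=" "):
    """Pick n_words independently and uniformly using the OS CSPRNG."""
    if n_words < 1:
        raise ValueError("n_words must be at least 1")
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    return sep.join(secrets.choice(words) for _ in range(n_words))


def entropy_bits(choices, length):
    """Search space in bits for `length` independent picks from `choices` options.

    Valid only for random selection; a phrase a person makes up is far
    more predictable than this estimate.
    """
    return length * math.log2(choices)


def words_needed(target_bits, list_size):
    """Smallest number of random words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    # 8 random characters drawn from a-z, A-Z, 0-9 (62 symbols).
    baseline = entropy_bits(62, 8)
    print("sample passphrase:", generate_passphrase())
    print(f"8-char mixed password: {baseline:.1f} bits")
    print(f"5 words from this 32-word list: {entropy_bits(len(WORDS), 5):.1f} bits")
    print("words to match baseline, 32-word list:", words_needed(baseline, 32))
    print("words to match baseline, 7776-word list:", words_needed(baseline, 7776))
```

The output shows why list size matters: a small list needs many more words to match the same search space.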
Creating a strong password alone is not enough to secure an account. Therefore, don’t forget to implement multifactor authentication (MFA). When a password is breached, MFA will be the second protector that will secure the account.
Multifactor authentication (MFA) requires users to provide multiple proofs of identity. It builds a security door that ensures only legitimate users log into the account.
The National Institute of Standards and Technology (NIST) introduced an innovative NIST 2025 password renewal approach. The growing threat of cyberattacks drives this renewal.
To that end, it is important to adopt a layered security approach, which combines strong authentication methods with continuous monitoring and adaptive policies. Let’s discuss it!
1. Passwordless authentication
NIST emphasizes passwordless technology, which replaces passwords with biometrics, hardware security keys, and other authentication methods. This method is considered safer to use than traditional password-based authentication.
2. Adaptive password policy
This policy is a new step in managing password security. In the future, the level of password security will be made more flexible and adjusted to needs.
For example, financial and personal information data will be protected by stricter password policies, while general information will be easier to access because password requirements are lighter.
3. Continuous monitoring and evaluation
Continuous monitoring and evaluation help organizations stay alert to threats. This process involves collecting and analyzing data and taking corrective actions if needed.
With regular monitoring, owners can identify whether the security system is deficient. If monitoring and evaluation are scheduled from the beginning, data breaches and leaks will also be detected.
Unfortunately, although awareness of the importance of password security has been widely addressed, mistakes persist. These are the most common password creation mistakes.
1. Feeling that a long password is the best. In fact, why make a long sentence if it is difficult to remember? The use of passphrases can be a solution to this problem.
2. To this day, many site developers still use password expiration policies for a certain period. Continuously changing passwords is also not wise, and it has been proven that this step is ineffective.
Writer: Aisyah Banowati