BusinessConsumer

Actions

Security experts say: treat your passwords like underwear, change them often

Posted
and last updated

It’s being called an “identity crisis” and one of the most important issues of our times. 

With nearly three billion personal records stolen last year alone, experts say one in two Americans lost some sort of information. 

Data theft, things like stolen Social Security numbers, dates of birth and mother’s maiden name, is an equal opportunity crime. But when it comes to the future of security, millennials are leading the way.

“Millennials are already having an impact on how we access systems, whether it’s using their fingerprint or maybe their face to identify themselves. But also, millennials have moved past passwords,” says Caleb Barlow, VP of Threat Intelligence for IBM.

Yes, according to a new IBM survey, only 42% of millennials rely on complex passwords while three quarters are comfortable with biometrics. 

That is not a surprise to Allison Ritter, Creative Director for IBM’s X-Force Command Center. As a millennial herself she says, “As a millennial, conveniences are really a number one priority. We’re moving really fast every day, and we really want to think about what are other ways for us to use and secure our online identity.”

When it comes to how we protect ourselves, the research finds there is a generation gap. Those over 55 are not as likely to use biometrics at this point.

Experts at IBM Security say they prove everyday why we can no longer solely rely on passwords. We were shown their top secret ‘password cracker’.

Dustin Heywood, a Password Cracker at IBM X-Force Red, says, “It can try up to 340 billion keys per second, which means we can brute force many common passwords in as little as two minutes.” We actually saw it crack a password in seven seconds!

Experts say, even if you don’t trust biometrics quite yet, think of it as one tool in the security toolbox. Barlow says, “It can be used in conjunction with other forms of access. So for example, in order to authenticate myself maybe into my bank account, it might be a combination of a password, something that I know, but also maybe biometrics like my fingerprint, something that I have.”

Multi-step authentication may also include a text, email or security question proving your identity. Use a password manager to keep track of various passwords across various accounts, Also, opt for passphrases instead of passwords. 

And the number one tip? Heywood says, “Treat your passwords like underwear. Change them often and don’t share them with anybody.”