{"id":5383,"date":"2021-06-03T14:55:58","date_gmt":"2021-06-03T18:55:58","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=5383"},"modified":"2021-06-03T14:55:58","modified_gmt":"2021-06-03T18:55:58","slug":"how-to-make-the-best-password-according-to-cybersecurity-experts","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/","title":{"rendered":"How to Make the Best Password (According to Cybersecurity Experts)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-4622\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\" alt=\"How to Make the Best Password (According to Cybersecurity Experts)\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><em><strong>How can you and your business make the best password for each and every account? We gathered best practices information from cybersecurity experts.\u00a0\u00a0<\/strong><\/em><\/p>\n<p style=\"text-align: justify\">World Password Day has come and gone, and yet enterprises continue to struggle with creating strong passwords that hackers can&#8217;t immediately crack or guess. While other <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\">authentication<\/a> options and factors are starting to see more prominence, passwords remain the number one method by which accounts are accessed.<\/p>\n<p>So you, and all of your employees, need to know how to make the best password. Here&#8217;s some advice (and even some arguments about why you should get rid of passwords entirely) from top <a href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\">cybersecurity<\/a> experts on what to do.<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<h2 style=\"text-align: justify\">How to Make the Best Password (According to Cybersecurity Experts)<\/h2>\n<h3 style=\"text-align: justify\"><b>Jenn Markey<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Jenn Markey is Director of Identity at <\/span><\/i><a href=\"https:\/\/www.entrust.com\/?edc_sfid=7015Y000002ePurQAE&amp;gclid=Cj0KCQjwp86EBhD7ARIsAFkgakiExiiaazNovHXQ8SJjp0e0Zicoxy3zsouqubpbXnb22hFit5-OxjMaAkoxEALw_wcB\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Entrust<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cOur collective hope as an industry is that one day World Password Day will be obsolete as encryption and advanced authentication replace the age-old practice of entering password credentials to access desired information. But until that day comes, organizations must continue ramping up their security tech and training to fill existing knowledge gaps and avoid detrimental breaches.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Requiring a password plus one or more added credentials, also known as multi-factor authentication (MFA), is a good way to prevent unauthorized account access, but going passwordless is so much better. Virtually every data breach can be traced back to compromised passwords, with phishing being one of the most common attacks. Working from home multiplies this risk with insecure workspaces and an increased propensity for bad habits like writing passwords down.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Instead of passwords, business leaders should work with their security and IT managers to implement and deploy high-assurance credential-based passwordless authentication that merges the power of digital certificates with smartphone biometrics to create an employee\u2019s trusted workplace identity, wherever that workplace may be. By eliminating the password, you effectively protect your organization from phishing attacks which minimize the risk of a data breach.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Dave Wagner<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Dave Wagner is CEO of <\/span><\/i><a href=\"https:\/\/zix.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Zix<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWorld Password Day is an excellent time for individuals and businesses to reflect on their current password practices and ensure they are building the safest habits to protect themselves and their company from cyber-criminals. Many are under the assumption that if they are taking the steps to create unique passwords for each platform and application, they are secure. But it&#8217;s not enough.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The number of headline-grabbing breaches that have taken place over the last year highlight the critical need for safeguards across the entire company network. While there are a few different ways to protect login credentials beyond a simple username and password, one of the most popular and effective options is two-factor authentication (2FA). Implementing 2FA provides an extra layer of security by making users confirm their identity, most often via a unique code sent to the user&#8217;s phone, email address, or through an authenticator app, after entering their username and password. It\u2019s getting easier for cyber-criminals to breach even the most complex password, which is why implementing 2FA is critical.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Email is a common point of attack because it often contains sensitive and valuable communications. Organizations should also consider implementing an email security solution that conducts a security audit to analyze its admins, users, mailboxes, and rules for vulnerabilities such as outdated passwords so they can be resolved before a breach happens. Organizations should use World Password Day to evaluate their internal Password Policies and send reminders to employees and customers alike about the importance of good password hygiene.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Russell P. Reeder<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Russell P. Reeder is CEO of <\/span><\/i><a href=\"https:\/\/www.infrascale.com\/products\/cloud-backup\/?utm_source=google&amp;utm_medium=cpc&amp;utm_campaign=icb-test1&amp;gclid=Cj0KCQjwp86EBhD7ARIsAFkgakitJvEHfT9ZS-RkaahcceyN_W-IjXEI0xYe4yby3vfbiX_B0jOGylEaAqGeEALw_wcB\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Infrascale<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">1. Be Unpredictable\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">There are two common password attacks &#8211; Brute Force and Dictionary attacks. Both generally involve a bot, but can also be done manually, and involve trying a sequence of numbers and\/or common words like 123456 &#8211; hence trying to crack a password using \u201cbrute force\u201d or common \u201cdictionary\u201d words. To minimize this type of exposure, don&#8217;t make your passwords predictable.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">2. Be Creative\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Related to being unpredictable, consider creating a phrase and use the first or second letter of each word, or substitute a special character for letters and\/or numbers. If you just don\u2019t seem to have a creative bone in your body, you can always use a password generator. These are guaranteed to spit out some creative, and secure, password options.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">3. Be Long\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">These days when you get asked to create a password, most have a minimum of 10-12 character length. The longer the password, the more possible combination and permutations of the password there are, and thereby the safer they generally are. However, don\u2019t forget tips 1 and 2, because long common words and sequences of numbers are still easier to crack!\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">4. Be Smart\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Believe it or not, one of the more common reasons passwords are compromised is because people share their credentials. Quite simply &#8211; never, ever share your password(s)! Also, be mindful of phishing &#8211; this is where you receive an email or text message asking for you to confirm your details or take some other action where you need to enter your personal credentials. These types of acts are becoming increasingly sophisticated and can look very legitimate, like an email from your bank. As a good rule of thumb, unless you make a request, don&#8217;t ever enter your credentials. Or, if you have any doubts, contact the organization requesting the information directly.\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">5. Be Fresh\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Refresh your passwords regularly. While it may seem onerous, and even if you think you have finally come up with the most secure password ever, one of the best ways to protect your password is to change it up regularly. In addition, you should use different passwords for different logins \u2013 yes, a different password for every login. Having a unique password for all your accounts assures that if or when one is compromised the others remain protected. Pro tip: If you can&#8217;t remember all your passwords, consider using a secure password manager.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Elena Elkina<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Elena Elkina (she\/her) is a Partner at <\/span><\/i><a href=\"https:\/\/www.aleada.co\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Aleada<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cAs the LinkedIn breach continues to showcase, many still use PASSWORD as a password. Single-word credentials are no longer safe. Instead, if you must remember your credentials, use passphrases. The danger with this method is that there is still a potential for re-use. The true recommendation is to use an auto-generated password from a password manager. And of course, any set of credentials should be placed behind MFA. We are still some time away from true passwordless authentication, however many players in the authentication space are taking this challenge on full force.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Saryu Nayyar<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Saryu Nayyar (she\/her) is CEO of <\/span><a href=\"https:\/\/gurucul.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Gurucul<\/span><\/a><span style=\"font-weight: 400\">.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cPasswords are the bane of the security team&#8217;s existence. Users use weak passwords, reuse the same passwords, refuse to change passwords, or simply forget them and need help resetting passwords. I thought self-service password reset options would have alleviated the help desk from resetting user passwords. However, it still turns out 20% to 50% of all IT help desk tickets are still for password resets (according to The Gartner Group).<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWe actually have the technology to eliminate passwords altogether, but that would require companies to indulge in passwordless authentication. MFA helps, but users really need to use better passwords. To be effective, passwords must be complex and over 16 characters in length. That&#8217;s why passwords fail because people can&#8217;t remember 17-character passwords &#8211; that are unique for every system. Instead, users should use passphrases they can remember and then append or prepend numbers and characters to make these passphrases complex. &#8220;Every good boy does fine +123&#8221; works. Pick your favorite song lyric and year. Associate your passphrase with the target system to make it easier to remember. Whatever you do, don&#8217;t share your passwords and don&#8217;t reuse them. Once a cyber-criminal gains access to one of your target systems by cracking your password, all your other systems are at risk.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Mathew Newfield<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Mathew Newfield is Chief Infrastructure and Security Officer at <\/span><\/i><a href=\"https:\/\/www.unisys.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Unisys<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201c<\/span><b>Tip # 1:<\/b><span style=\"font-weight: 400\"> Create your private passphrase rather than using a single word. This is a short statement that has meaning to you but is no longer than three or four words. An example of this would be: <\/span><i><span style=\"font-weight: 400\">Puppies are cute<\/span><\/i><span style=\"font-weight: 400\">. This will be your private passphrase and <\/span><b>should not <\/b><span style=\"font-weight: 400\">be shared with anyone.<\/span><\/p>\n<p style=\"text-align: justify\"><b>Tip # 2: <\/b><span style=\"font-weight: 400\">Create a password key. This is your decoder! This key can be printed out and stored in your wallet or purse or even kept on your desk in plain sight. Without your private passphrase, it is useless.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here\u2019s an example password key:<\/span><\/p>\n<ol style=\"text-align: justify\">\n<li><span style=\"font-weight: 400\"> \u00a0 \u00a0 <\/span><span style=\"font-weight: 400\">Use the first and last letter of each word in your passphrase (mix upper\/lowercase).<\/span><\/li>\n<li><span style=\"font-weight: 400\"> \u00a0 \u00a0 <\/span><span style=\"font-weight: 400\">The letter \u201cA\u201d is substituted with &#8220;@&#8221; symbol.<\/span><\/li>\n<li><span style=\"font-weight: 400\"> \u00a0 \u00a0 <\/span><span style=\"font-weight: 400\">The letter \u201cE\u201d is substituted with the number 3.<\/span><\/li>\n<li><span style=\"font-weight: 400\"> \u00a0 \u00a0 <\/span><span style=\"font-weight: 400\">Add a two-letter (uppercase) designation for what you are authenticating to.<\/span><\/li>\n<li><span style=\"font-weight: 400\"> \u00a0 \u00a0 <\/span><span style=\"font-weight: 400\">Add a two-letter (lowercase) designation for the current season of the year.<\/span><\/li>\n<li><span style=\"font-weight: 400\"> \u00a0 \u00a0 <\/span><span style=\"font-weight: 400\">Add last two digits for the current year.<\/span><\/li>\n<\/ol>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">With your password key you will be able to transform your passphrase \u2013 e.g., <\/span><i><span style=\"font-weight: 400\">Puppies are cute <\/span><\/i><span style=\"font-weight: 400\">\u2013 into a complex password as demonstrated below.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Step 1: Use first \/ last letters of each word in your passphrase. <\/span><b>PSAECE<\/b><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Step 2: Substitute A = @ <\/span><b>PS@ECE<\/b><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Step 3: Substitute E = 3<\/span> <b>PS@3C3<\/b><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Step 4:<\/span> <span style=\"font-weight: 400\">Add 2 Uppercase letters for authentication type (e.g., NW = network, etc) <\/span><b>PS@3C3NW<\/b><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Step 5: Add 2 Lowercase letters for season (e.g., wr = Winter, sg = Spring, etc.). <\/span><b>PS@3C3NWsg<\/b><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Step 6:<\/span> <span style=\"font-weight: 400\">Add last 2-digits of current year. <\/span><b>PS@3C3NWsg21<\/b><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Bonus Tip: Periodic password changes are recommended; using this method one can simply change the season and year to maintain password complexity.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Tom \u201cTJ\u201d Jermoluk<\/b><\/h3>\n<p style=\"text-align: justify\"><em><span style=\"font-weight: 400\">Tom \u201cTJ\u201d Jermoluk is CEO of <\/span><a href=\"https:\/\/www.beyondidentity.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Beyond Identity<\/span><\/a><span style=\"font-weight: 400\">.<\/span><\/em><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWhen World Password Day was established in 2013, the world recognized that passwords were a necessary evil, despite being a flawed and insecure method of authentication. But the root of the problem goes back to the foundation of the \u2018commercial internet\u2019 in the mid-1990s, when Netscape and others enabled widespread access and consumer accounts, prompting a massive need and meteoric rise in password use, and beginning an era of consumer insecurity and exposure.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Fast forward to today and the problem has ballooned. Verizon\u2019s 2020 Data Breach Investigations Report (DBIR) revealed that 80 percent of breaches use stolen credentials, collected either through database leaks or phishing attacks. And even if you follow recommendations for password hygiene, criminals can still get their hands on your password through a range of means \u2013 from fraudulent \u2018phishing\u2019 sites to insecure password databases and even commandeering your phone to intercept password reset messages.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The industry has responded by putting an even greater burden \u2013 not to mention blame \u2013 on consumers, to compensate for what can only be described as a complete systemic failure and an unwillingness to upset the market apple cart by refusing to fix the foundational issue. Complexity and user frustration are ever-increasing with forced password resets, cumbersome password creation requirements, and extra steps for multi-factor authentication (MFA). In summary, consumers must expect and demand better of their internet security and end the \u2018stupid user\u2019 blame game. The industry itself is headed in this direction with corporations and groups advocating for the eradication of passwords \u2013 but the industry is not moving fast enough, and the technology exists to make change now.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Tim Bandos<\/b><\/h3>\n<p style=\"text-align: justify\"><em><span style=\"font-weight: 400\">Tim Bandos is CISO at <\/span><a href=\"https:\/\/digitalguardian.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Digital Guardian.<\/span><\/a><span style=\"font-weight: 400\">\u00a0<\/span><\/em><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWhile a lot of the coverage about passwords focuses on business users, it\u2019s really important not to overlook children and teens in this discussion. They will typically make some of the same types of common mistakes as adults when creating and using online passwords, but there are several that stand out the most for this age group.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">One of the worst is sharing credentials with friends, boyfriends\/girlfriends, etc. At that age, relationships tend to be shorter in duration and some kids end up using the shared access against each other such as posting inappropriate messages on social media accounts or conducting surveillance over account activity. This type of password-sharing behavior may even stem from early childhood when parents would share their credentials with their kids for accessing devices or online sites. This should be avoided at all costs.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Secondly, kids and teens are exposed to devices everywhere they go from the library, to school, to over a friend\u2019s house, etc. It\u2019s important to avoid entering your credentials on untrusted devices that you do not own, control, or completely trust. Devices in public places should only be used for anonymous web browsing and not for logging into any of your online accounts since passwords can be easily stolen from these types of computers.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Finally, it\u2019s important to avoid using personal information when creating any of your passwords. Young kids, and even adults for that matter, want to generate a password that is easy enough to remember. So they\u2019ll use their name, birthdate, address, phone number, etc. These are all details that can be either easily guessed or end up further exposing you if a website is ever compromised.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Dr. Mohamed Lazzouni<\/b><\/h3>\n<p style=\"text-align: justify\"><em><span style=\"font-weight: 400\">Dr. Mohamed Lazzouni is CTO of <\/span><a href=\"https:\/\/www.awarehq.com\/?utm_source=google&amp;utm_medium=cpc&amp;utm_content=rsa-awarehq&amp;utm_campaign=usa-google-search-brand&amp;utm_term=aware&amp;utm_term=aware&amp;utm_campaign=Brand_2020&amp;utm_source=adwords&amp;utm_medium=ppc&amp;hsa_acc=9037022891&amp;hsa_cam=2040379671&amp;hsa_grp=70454909645&amp;hsa_ad=412825959060&amp;hsa_src=g&amp;hsa_tgt=kwd-301037511833&amp;hsa_kw=aware&amp;hsa_mt=e&amp;hsa_net=adwords&amp;hsa_ver=3&amp;gclid=Cj0KCQjwp86EBhD7ARIsAFkgakjbyksS_a4GEO3ahSAnV6HJKWWjLg2EhbTniyvJ1Dx1DiEReumNqrkaApSMEALw_wcB\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Aware<\/span><\/a><span style=\"font-weight: 400\">.<\/span><\/em><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201c2020 saw a huge spike in cyber-crime following the COVID-19 pandemic, and as 2021 progresses the vulnerabilities continue to surge across all sectors. World Password Day was born to popularize some of the best practices in password protection, mainly the need to change passwords, use different ones for different applications, and choose complex compositions using letters, symbols, and numbers.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, the benefits of varied, long, and complex passwords add to the burden and the anxiety of the user. Luckily, many technologies have progressed significantly to lower the friction without compromising on security. As an example, biometric authentication gained considerable adoption amongst users to simply use face or voice biometrics to unlock devices or sign in into accounts.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If users must continue to use passwords, they should ensure they are following password hygiene in order to remain resilient to attacks on their personal information \u2013 many of which are not difficult to implement.<\/span><\/p>\n<ul style=\"text-align: justify\">\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">First, choose challenging passwords using a combination of letters, symbols, and numbers.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Second, make them long enough and, where applicable, follow the guideline of the site providing password strength feedback.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Do not use the same password across multiple accounts. This way, if a password associated with a lower-risk account is breached you prevent the attacker from carrying out additional breaches on higher-risk accounts that hold information such as financial records safeguarded by an often-used password.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Be cautious of anyone reaching out to \u201cverify\u201d contact information. Knowing definitively who you are providing your information to is critical.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Look for security options that include biometrics (face, voice, fingerprint) during verification processes.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Avoid sharing sensitive information over e-mail or other non-encrypted methods.\u201d<\/span><\/li>\n<li style=\"font-weight: 400\"><i><span style=\"font-weight: 400\">Beware of phishing attacks where password reset requests are disguised through websites and phone calls impersonating legitimate businesses or government agencies.<\/span><\/i><\/li>\n<li style=\"font-weight: 400\"><i><span style=\"font-weight: 400\">And if you suspect you have been a victim to identity theft immediately notify the concerned parties and authorities to report the incident.<\/span><\/i><span style=\"font-weight: 400\">\u201d<\/span><\/li>\n<\/ul>\n<h3 style=\"text-align: justify\"><b>Tim Sadler<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Tim Sadler is CEO and Co-Founder of <\/span><\/i><a href=\"https:\/\/www.tessian.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Tessian<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWorld Password Day is a great reminder to take inventory of our passwords, including where they are stored, whether you reuse them for multiple accounts, and their complexity. Tessian\u2019s recent report found that 77 percent of people reuse passwords, and 21 percent use predictable cues like their favorite football team, their pet\u2019s name, or birthdays when crafting passwords. The problem? These personal details are likely to be found on people\u2019s social media channels, making it easy for hackers to scan publicly available information to try to crack passwords or even answer the security questions.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">To prevent account takeover and business email compromise, CISOs and their teams should help educate employees about their social media footprint, cybersecurity best practices, and how to spot impersonation attacks. They should also reinforce the need for strong passwords that don\u2019t include names or names of pets, birth dates, location, or other information that\u2019s easy to find online. Even better, use a password manager like 1Password to randomly generate impossible-to-hack passwords. And while it can be tempting to reuse passwords that are easy to remember, never reuse or duplicate any passwords for personal or professional accounts. A bad actor could guess just one password and gain access to multiple accounts.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Corey Nachreiner<\/b><\/h3>\n<p style=\"text-align: justify\"><em><span style=\"font-weight: 400\">Corey Nachreiner is CTO of <\/span><a href=\"https:\/\/www.watchguard.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">WatchGuard Technologies<\/span><\/a><span style=\"font-weight: 400\">.\u00a0<\/span><\/em><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWorld Password Day has served as an annual reminder that we all need to practice better password security for nearly a decade. And yet, 80 percent of breaches began with brute force attacks or lost or stolen credentials last year. Attackers add millions of new usernames and passwords every day to the billions already available on the dark web. This has been the trend for years now, so at a certain point we have to ask if daily headlines on the latest security breaches and hacks aren\u2019t enough of a cue to practice good password hygiene, is there much value in World Password Day?<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u00a0Yes, it\u2019s a helpful prompt to use best practices like changing passwords for your accounts regularly, choosing strong passwords or passphrases with at least 16 characters, using a unique password for every account, and leveraging password managers to keep track of them all. But these password security policies should be basic table stakes at every organization by now and should be required and reinforced all year long.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">I believe that a \u2018World MFA Day\u2019 would be a more powerful and effective observance when it comes to strengthening corporate and individual security. Authentication is the cornerstone of good security, and multi-factor authentication means users must provide at least one additional token on top of their password to log into an account. These authentication tokens are typically something you are (biometric fingerprint or facial scans), something you have (like a hardware key or mobile phone) and something you know (like a password). MFA allows you to ensure that even if an attacker gains access to one of these tokens, like a user password, they\u2019ll be unable to log in without the second (and sometimes third) authentication token. It\u2019s an absolute no-brainer when it comes to addressing the widespread and persistent issues around poor password security and should be a primary focus for both businesses and individual users. So let\u2019s make World MFA Day a reality in 2021!\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Ian Pitt<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Ian Pitt is CIO of <\/span><\/i><a href=\"https:\/\/www.logmein.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">LogMeIn<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.<\/span><\/i><span style=\"font-weight: 400\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cThis year&#8217;s World Password Day serves as another reminder that passwords play a pivotal role in protecting business information and enhancing overall security efforts. While organizations and individuals understand the importance of strong passwords, many continue to neglect password best practices leaving their organizations vulnerable to cyber-attacks. In fact, a large majority of people understand the risks associated with reusing the same password across multiple accounts, yet they still do it. As we approach a post-pandemic world and enterprises allow long-term remote work, cyber-criminals will continue to target those with poor security behaviors. Given this, companies need to encourage employees to improve password behaviors to increase the organization&#8217;s overall security. Below are some password best practices to ensure data is effectively protected.\u00a0<\/span><\/p>\n<ul style=\"text-align: justify\">\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">\u00a0\u00a0<\/span><b>Give your passwords a safe home:<\/b><span style=\"font-weight: 400\"> Selecting the right password manager offers a safe, secure digital vault to store usernames and passwords.<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">\u00a0<\/span><b>Generate unique passwords: <\/b><span style=\"font-weight: 400\">Be sure to create strong and unique passwords for personal and business accounts, to decrease the chances of hackers compromising information.\u00a0\u00a0<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">\u00a0<\/span><b>Implement multi-factor authentication: <\/b><span style=\"font-weight: 400\">Turn on MFA when possible, to decrease hackers&#8217; chances of accessing important information such as email and bank accounts<\/span><b>.\u00a0 <\/b><span style=\"font-weight: 400\">\u00a0<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><b>Update Software:<\/b><span style=\"font-weight: 400\"> Be sure to keep all home devices such as computers, mobile devices, or routers updated with the latest software, so others cannot tap into your network.\u201d<\/span><\/li>\n<\/ul>\n<h3 style=\"text-align: justify\"><b>Tyler Reese<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Tyler Reese is Manager of PAM Strategy at <\/span><\/i><a href=\"https:\/\/www.oneidentity.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">One Identity<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cWorld Password Day this year is a reminder for organizations to acknowledge the gaps created by passwords and consider alternatives and the concept of a passwordless future. The most notorious breaches of the last year have all involved weak or compromised credentials, showcasing that passwords are still the easiest way for cyber-criminals to access a network. Stolen passwords are now more difficult than ever for IT teams to flag as a threat and can allow an unauthorized user to access a system undetected for a long period of time. Best practices such as enforcing the principle of least privilege, implementing multi-factor authentication, and educating employees on strong password hygiene will strengthen enterprises\u2019 cybersecurity posture.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, as long as the concept of requiring a person to remember multiple passwords is a major part of an organization&#8217;s security strategy, the risk still remains. Instead of solely relying on passwords, enterprises should implement multi-factor authentication to protect accounts from password compromises.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Organizations should also investigate behavioral biometrics technologies for identity access and authentication purposes. Using machine learning to identify a baseline of user behavior, systems can flag when users deviate from their typical behavior and take immediate action, shortening the time it takes to detect and remediate an incident. Combining consistent messaging to employees, access and authentication practices, auditing and behavioral biometrics creates a strong cybersecurity defense for enterprises, and will be fundamental to the industry\u2019s step towards a passwordless future.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Aaron Cockerill<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Aaron Cockerill is Chief Strategy Officer at <\/span><\/i><a href=\"https:\/\/www.lookout.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Lookout<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cPasswords need to go. We should not be celebrating World Password Day, we should celebrate the day no one ever needs to remember a password ever again. And That day is coming. But in the meantime, there is a lot of support to help us with systems that still require them. Password managers and even browsers now notify you when passwords are repeated or stolen, and they suggest longer and stronger passwords that they remember rather than you having to. And increasingly your password can be strengthened by things like second factors and biometrics. Increasingly, identity will be established using intelligent devices like your smartphone, leveraging both encryption and biometric sensors, and passwords will become a thing of the past. The challenge then is to know that your smartphone is safe.\u201d\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Chris Morales<\/b><\/h3>\n<p style=\"text-align: justify\"><i><span style=\"font-weight: 400\">Chris Morales is Chief Information Security Officer at <\/span><\/i><a href=\"https:\/\/netenrich.com\/\" target=\"_blank\" rel=\"noopener\"><i><span style=\"font-weight: 400\">Netenrich<\/span><\/i><\/a><i><span style=\"font-weight: 400\">.\u00a0\u00a0<\/span><\/i><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cGood password security is not relying on a password for security. It is concerning that the cybersecurity industry still gives a false sense of hope as an excuse to continue to force a poor user experience on everyone. Passwords are stolen in large files and databases from poorly configured apps by the millions, or auth tokens are compromised for account takeover. For that reason, all passwords are useless regardless of strength.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">It is insane \u201cwhat you know\u201d is still the primary means of validating identity for online systems which then provide complete access to a broad set of resources with no further validation. That would be like giving my house keys to a random man on the street who claims to be my mom and can prove it by telling me the name of my dog when I was a kid. Even worse if my mom is standing right next to me but doesn\u2019t remember that dog&#8217;s name so I trust the stranger but not her. Password complexity is the equivalent of expecting the stranger to give me a whole list of random facts as proof. Does not matter how much he knows. Still not my mom.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Sounds ridiculous right? The cybersecurity industry has built an authentication system that can only be considered inhumane and with a singular value of infuriating everyone. People are the victims, not the cause of breaches.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">User access should be adaptive based on level of need and risk. A person should be allowed the appropriate level of access to the appropriate resources at the appropriate time. Most importantly, access should be fluid and not require an incomprehensible amount of user input or predetermined knowledge.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For authentication, the number of variables is more important than the level of complexity of those variables. No reason a password is anything more than a 4-to-6-digit pin. Authentication can be based on who you are (biometrics) what you know (pin) what you have (device\/token) and where you are authenticating from (geolocation). Even then, authentication is not trust. Trust is situational awareness. What do you need, why do you need it, when do you need it, and what is your current operating environment? The operating environment is a measure of the risk of providing that access even when the need is justified and the identity asking is authenticated.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">There is a combination of local authentication methods combined with remote risk analytics here. Totally doable and the outcome is less intrusive on the end-user so we can stop blaming people for human error as to why a breach occurred. To err is human.\u201d<\/span><\/p>\n<h3 style=\"text-align: justify\"><strong>Mike Puglia<\/strong><\/h3>\n<p dir=\"ltr\" style=\"text-align: justify\">Mike Puglia is Chief Strategy Officer at<a href=\"https:\/\/www.kaseya.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"0\"> Kaseya.<\/a><\/p>\n<p dir=\"ltr\" style=\"text-align: justify\">\u201cThe average adult has more than 20 passwords they use, so it\u2019s not surprising that<a href=\"https:\/\/www.idagent.com\/these-bad-passwords-make-every-day-groundhog-day-for-it-teams\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"1\"> 39 percent of people say most of their passwords across both their work and home applications are identical.<\/a> There are billions of passwords available on the dark web, and password reuse makes it even easier for hackers to use stolen credentials to conduct phishing attacks and spread ransomware. In addition to reusing passwords, individuals often pick words or number combinations that are easy to remember. When we did a scan of nearly three million passwords found on the dark web in 2020, we saw that<a href=\"https:\/\/www.idagent.com\/news\/its-a-doozie-id-agent-celebrates-groundhog-day-with-list-of-20-most-common-passwords-of-2020\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"2\"> 92 of the top 250<\/a> most common passwords were first names or variations of first names.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify\">Every year since the 1990\u2019s, there is some proclamation that passwords are going away \u2013 they aren\u2019t. We\u2019ve made great strides in areas like thumbprints, tokens, facial recognition, but don\u2019t expect passwords to disappear in the next few years.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify\">According to the Verizon Breach Report, the number one malware variant isn\u2019t ransomware\u2014it\u2019s password dumpers. Password dumpers are favored by cybercriminals because passwords get attackers so much more \u2013 it makes it easier to propagate ransomware, steal data, and gain entry for long term access. It\u2019s also become so much easier for attackers to use those passwords. Adversaries no longer have to target millions of individual organizations one by one &#8211; they can simply attempt logins against the major cloud and SaaS sites, especially since almost every company has some employee accounts on Google, Microsoft or Amazon. The access to targets supporting 95% of the world\u2019s organizations are a click away from any location.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify\">The bar is now ridiculously low for attackers. It requires minimal technical ability, and the financial cost to carry attacks out is negligible. Simply buying credential lists and attack kits yields 0.2%-0.5% success rates, and the attacks can be run by anyone. Additionally, today\u2019s targets are centralized into a small number of environments that everyone uses.\u00a0 As long as the success rates remain high and the cost and effort remains low, these attacks will continue to increase.<\/p>\n<p dir=\"ltr\" style=\"text-align: justify\">In 2001, I recall walking around with an RSA MFA token on my belt. Though 20 years later MFA is still not ubiquitous, the next few years will bring significant changes. The next five years will bring password plus MFA for all logins, with password only being the exception. It\u2019s already happening with consumer accounts \u2013 banks, phones, even gaming systems- and now we are seeing it roll out across all business applications. Though MFA cannot stop 100% of attacks, it raises the effort and costs required for adversaries to be successful. It is the only way we start to lower the number of breaches.\u201d<\/p>\n<p dir=\"ltr\" style=\"text-align: justify\"><div class=\"hr hr\"><\/div><\/p>\n<p dir=\"ltr\"><span style=\"font-weight: 400\">Thanks to these cybersecurity professionals for their advice on how to make the best password. For more information on stronger, more secure passwords and other identity management best practices, check out the <span style=\"text-decoration: underline\"><strong><a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\">Identity Management Buyer\u2019s Guide<\/a><\/strong><\/span> or the <span style=\"text-decoration: underline\"><strong><a href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\">Solutions Suggestion Engine<\/a><\/strong><\/span>.\u00a0<\/span><\/p>\n<p dir=\"ltr\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>How can you and your business make the best password for each and every account? We gathered best practices information from cybersecurity experts.\u00a0\u00a0 World Password Day has come and gone, and yet enterprises continue to struggle with creating strong passwords that hackers can&#8217;t immediately crack or guess. While other authentication options and factors are starting [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":4622,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[142,125,16,1701,1204,76,425,1578,91,1702,1416],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Make the Best Password (According to Cybersecurity Experts)<\/title>\n<meta name=\"description\" content=\"How can you and your business make the best password for each and every account? We gathered best practices information from cybersecurity experts.\u00a0\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"23 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/\",\"name\":\"How to Make the Best Password (According to Cybersecurity Experts)\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\",\"datePublished\":\"2021-06-03T18:55:58+00:00\",\"dateModified\":\"2021-06-03T18:55:58+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"How can you and your business make the best password for each and every account? We gathered best practices information from cybersecurity experts.\u00a0\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\",\"width\":800,\"height\":400,\"caption\":\"Why Identity Governance Takes on New Importance in Remote Workplaces\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Make the Best Password (According to Cybersecurity Experts)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Identity and Access Management Solutions | Solutions Review\",\"description\":\"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Make the Best Password (According to Cybersecurity Experts)","description":"How can you and your business make the best password for each and every account? We gathered best practices information from cybersecurity experts.\u00a0\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"23 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/","url":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/","name":"How to Make the Best Password (According to Cybersecurity Experts)","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg","datePublished":"2021-06-03T18:55:58+00:00","dateModified":"2021-06-03T18:55:58+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"How can you and your business make the best password for each and every account? We gathered best practices information from cybersecurity experts.\u00a0\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg","width":800,"height":400,"caption":"Why Identity Governance Takes on New Importance in Remote Workplaces"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/how-to-make-the-best-password-according-to-cybersecurity-experts\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"How to Make the Best Password (According to Cybersecurity Experts)"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Identity and Access Management Solutions | Solutions Review","description":"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5383"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=5383"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5383\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/4622"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=5383"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=5383"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=5383"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}