401 Access Denied Ep.01 | Busting Password Myths
With World Password Day upon us, individuals of all backgrounds and varying levels of cybersecurity hygiene will be confronted with the same question - are my current personal (or corporate) security measures enough? Today's episode takes listeners on a journey through best practices, horror stories, debunked myths, visions of a passwordless future, misconceptions, and just how challenging passwords really are to crack.
In this very first episode of the 401 Access Denied Podcast, Mike Gruen, the CISO at Cybrary, and Joseph Carson, the Chief Security Scientist at Thycotic, exchange their views on passwords, password best practices, and much more.
For a majority of people, passwords are the first thing that comes to mind when it comes to cyber fatigue. Joe talks us through the history of passwords. At present, the number of passwords a user has to remember has grown pretty large. Joe points out that reusing passwords is what makes most people victims of cybercrime. Another bad practice that Mike has observed is the use of similar patterns across a user's different passwords. Having to remember a lot of passwords is unfeasible. Writing down passwords isn't a great idea unless they are stored in a secure location. The best thing would be to use a password manager. Joe addresses some key features and functionality to look for when choosing one. It's hard to leave out least privilege when talking about secure authentication and authorization. The duo shared stories from their past where least privilege could have prevented accidental mistakes. The way companies see single sign-on as a security measure is misleading. Instead, they should implement additional authentication factors to make up for it.
The end of passwords is nowhere near, and the claim that biometrics will replace passwords is just a myth. Joe clearly explains how biometrics act as a strong identifier and might even replace usernames. We're moving towards less interaction with passwords in the future, thereby preventing cybercriminals from compromising our accounts. Mike and Joe concluded their talk by addressing some best practices for creating and managing passwords, such as password length, complexity, and lifespan. As a final note, Joe reminded us that passwords must be used wisely and aren't going away.