World Password Day
May 1, 2024
World Password Day is observed annually, on the first Thursday in May. The goal is to raise awareness about the need to take better care of our passwords and develop better password habits.
History of World Password Day
Prior to technological advances, passwords were uncommon and mostly used by secret societies. Below is a brief history of how World Password Day was created:
- 1961–Massachusetts Institute of Technology (MIT) creates the computer password so multiple people can use a shared computer system.
- 1976–public-key cryptography (encrypts data with two different keys: public and private) is created so two people can authenticate (validate) each other without exchanging a cryptographic key.
- 1978–researchers publish the first study of its kind, which demonstrates that guessing passwords, based on a person’s identity, is easier than cracking passwords with computers.
- 1986–two-factor authentication emerges and is adopted.
- 2013–World Password Day is created.
Risk of Weak Passwords
Passwords provide an added layer of security, making it more difficult for unauthorized individuals to access our data. Weak passwords put our personal information at risk. A weak password can be easily guessed or cracked by attackers. This can lead to identity theft, financial loss, and other serious consequences.
Cybercriminals use brute force (automation and scripts) to try and guess passwords. The more complex the password, the odds of a brute force attack decrease significantly. Check the chart to see how long it would take to crack your password.
Time to Crack Password
Number of Characters in Password | Numbers Only | Lowercase Letters | Upper & Lowercase Letters | Numbers, Upper & Lowercase Letters | Numbers, Upper & Lowercase Letters & Special Characters |
---|---|---|---|---|---|
4-6 | Instantly | Instantly | Instantly | Instantly | Instantly |
7 | Instantly | Instantly | 1 second | 2 seconds | 4 seconds |
8 | Instantly | Instantly | 28 seconds | 2 minutes | 5 minutes |
9 | Instantly | 3 seconds | 24 minutes | 2 hours | 6 hours |
10 | Instantly | 1 minute | 21 hours | 5 days | 2 weeks |
11 | Instantly | 32 minutes | 1 month | 10 months | 3 years |
12 | 1 second | 14 hours | 6 years | 53 years | 226 years |
NordPass – password manager – conducted research on password habits, over the past few years. They created a list of the Top 200 Most Common Passwords. Open the link, and scroll to the bottom to view the list.
The default filter is All Countries, or you may select a specific country. The information is listed by: rank, password, time to crack, and count (number of times used).
Tips to Create Passwords
Follow these best practices when creating passwords:
- Strong– at least 12 characters long
- Complex– combination of upper-/lower-case letters, numbers, and special characters (when possible)
- Unique– never reuse, none of your passwords should look alike – e.g. changing 1 character or add a 3 at the end
- Multi-Factor Authentication (MFA)– enable (when possible) – requires you to enter your username and password, then prove your identity – e.g. responding to an email/text
Password Trends for 2024 and Beyond
As technology changes and bad actors develop increasingly sophisticated means of attack, best practices around passwords and protecting accounts may change too.
Password-less authentication, such as biometric identifiers (i.e. fingerprint) and single sign-on (SSO), are becoming more popular. For now, passwords are the most common way to secure accounts and prevent unauthorized access. As with physical valuables, we must ensure our digital valuables are secure.