# World Password Day ### May 1, 2024 World Password Day is observed annually, on the first Thursday in May. The goal is to raise awareness about the need to take better care of our passwords and develop better password habits. ### History of World Password Day Prior to technological advances, passwords were uncommon and mostly used by secret societies. Below is a brief history of how World Password Day was created: - **1961**–Massachusetts Institute of Technology (MIT) creates the computer password so multiple people can use a shared computer system. - **1976**–public-key cryptography (encrypts data with two different keys: public and private) is created so two people can authenticate (validate) each other without exchanging a cryptographic key. - **1978**–researchers publish the first study of its kind, which demonstrates that guessing passwords, based on a person’s identity, is easier than cracking passwords with computers. - **1986**–two-factor authentication emerges and is adopted. - **2013**–World Password Day is created. ### Risk of Weak Passwords Passwords provide an added layer of security, making it more difficult for unauthorized individuals to access our data. Weak passwords put our personal information at risk. A weak password can be easily guessed or cracked by attackers. This can lead to identity theft, financial loss, and other serious consequences. Cybercriminals use brute force (automation and scripts) to try and guess passwords. The more complex the password, the odds of a brute force attack decrease significantly. Check the chart to see how long it would take to crack your password. #### Time to Crack Password
Time to Crack Password
Number of Characters in PasswordNumbers OnlyLowercase LettersUpper & Lowercase LettersNumbers, Upper & Lowercase LettersNumbers, Upper & Lowercase Letters & Special Characters
4-6InstantlyInstantlyInstantlyInstantlyInstantly
7InstantlyInstantly1 second2 seconds4 seconds
8InstantlyInstantly28 seconds2 minutes5 minutes
9Instantly3 seconds24 minutes2 hours6 hours
10Instantly1 minute21 hours5 days2 weeks
11Instantly32 minutes1 month10 months3 years
121 second14 hours6 years53 years226 years
NordPass – password manager – conducted research on password habits, over the past few years. They created a list of the [Top 200 Most Common Passwords](https://nordpass.com/most-common-passwords-list/). Open the link, and scroll to the bottom to view the list. The default filter is All Countries, or you may select a specific country. The information is listed by: rank, password, time to crack, and count (number of times used). ### Tips to Create Passwords Follow these best practices when creating passwords: 1. **Strong**– at least 12 characters long 2. **Complex**– combination of upper-/lower-case letters, numbers, and special characters (when possible) 3. **Unique**– never reuse, none of your passwords should look alike – e.g. changing 1 character or add a 3 at the end 4. **Multi-Factor Authentication (MFA)**– enable (when possible) – requires you to enter your username and password, then prove your identity – e.g. responding to an email/text ### Password Trends for 2024 and Beyond As technology changes and bad actors develop increasingly sophisticated means of attack, best practices around passwords and protecting accounts may change too. Password-less authentication, such as biometric identifiers (i.e. fingerprint) and single sign-on (SSO), are becoming more popular. For now, passwords are the most common way to secure accounts and prevent unauthorized access. As with physical valuables, we must ensure our digital valuables are secure.