1 February marks the annual Change Your Password Day – an important occasion to draw attention to the growing threat posed by insecure passwords and digital attacks. The latest IBM report ‘Cost of a Data Breach 2024â shows that data breaches cost an average of 4.88 million US dollars worldwide in 2024 – an increase of 10% compared to the previous year and the highest figure ever recorded. A significant proportion of these incidents can be attributed to compromised or stolen passwords.
The digital threat landscape requires a conscious and strategic approach to password security. Modern authentication tools offer solutions to make safe digital behaviour easier to implement. 1 February is, therefore, a good opportunity to review and adapt existing IT security measures,” advises Prof. Norbert Pohlmann, Member of the Board for IT Security at eco – Association of the Internet Industry.
Insecure passwords: a risk with far-reaching consequences
Cyberattacks and data breaches cause considerable economic harm and jeopardise the digital security of companies and private individuals alike. Shadow data, i.e. data that is stored outside regular IT structures and is often inadequately protected, is also problematic.
A compromised password can have serious consequences and expose a large amount of sensitive information – especially if unauthorised access is gained via a smartphone with its various apps. In addition to financial accounts and bank data, email and company communications, social networks and cloud storage, highly sensitive health data can also be affected, especially since the introduction of the electronic patient record (EPR).
From changing passwords to modern IT security strategies
Modern password managers and two-factor authentication (2FA) reduce the need to constantly change passwords and facilitate the safe management of digital access data. At the same time, a comprehensive IT security strategy and sensitisation to digital threats are taking centre stage. Companies and private individuals benefit in the long term from proven IT security practices that go beyond simply changing passwords.
This is what eco security experts recommend for more password security:
- Use password managers: Automated IT security tools generate complex, unique passwords for each application and store them in encrypted form. This is particularly helpful for people who are used to using one password for several accounts.
- Choose alphanumeric passphrases: Long, complex combinations of letters, numbers and special characters are more secure than simple terms. For example, ââMyDogIsAGoldenRetriever!2024ââ is easier to remember but still difficult to decipher.
- Do not use any personal information: Names of pets, dates of birth or favourite places are easy to guess and should be avoided.
- Activate two-factor authentication: Additional security measures make it more difficult for unauthorised third parties to gain access, even if a password has been compromised.
- Perform regular security checks: Services such as âHave I Been Pwnedâ help to recognise compromised access data at an early stage.
