Manikandan Thangaraj, Vice President, ManageEngine
“Despite passwordless authentication being a recent trend, passwords will definitely continue to serve as the simplest and most effective means to secure identities in 2023. They are easy to use, can be changed if needed, and do not demand additional software or hardware to function.
As crucial as they are for identity security, passwords can also be vulnerable to various attacks. Weak and easy-to-remember user passwords are usually the main cause behind these attacks. Additionally, seldom changing passwords and using the same login credentials for multiple online platforms and personas creates a higher risk of falling victim to password attacks.
The only way in which organizations can withstand password attacks is by adhering to the password best practices recommended by regulatory standards. Employing longer passwords, as suggested by NIST, works wonders in defending against sophisticated password attacks. Including all character types and symbols, and avoiding dictionary words, common patterns, and usernames in passwords enhances their complexity and security. Compliance regulations like the GDPR, HIPAA, and the PCI DSS also recommend that companies use multi-factor authentication (MFA) methods to bolster identity security.”