It was World Password Day yesterday, May 5th, and most experts are agreed that, “A password is not enough”. The World Password Day 2016 website had the following advice:

1. create strong passwords
2. use a different password for each account
3. get a password manager
4. turn on multi-factor authentication, e.g. use your fingerprint.

But many people cannot use multi-factor authentication in their current working environment. So for “World Password Day” WIRED Magazine, assembled 7 password experts on how to lock down your online security, see. They recommended:

1. Think Length, Not Complexity: “A longer password is usually better than a more random password,” says Mark Burnett, author of Perfect Passwords, “as long as the password is at least 12-15 characters long.”
2. Keep it weird
3. Don’t Bunch Up Your Special Characters
4. Never Double Dip: don’t ever use a password twice
5. Don’t Change Them So Dang Often: Don’t change passwords every month. And if you’re an IT admin, don’t force your employees to.
6. Take the Panic Down a Notch: Don’t over complicate things
7. Layer Up: “Don’t rely on passwords alone!” says Neil Wynne, a senior research analyst at Gartner who focuses on business security. “Passwords should not be considered sufficient for anything other than the lowest-risk applications.”

So even WIRED's seven experts, at the end of day, feel you need to have multi-factor authentication.

---

CTMfile take: Hope you had a secure World Password Day, and have a secure year by following the above advice.