5 Tips to Improve Your Password Security
Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date.
But going beyond an annual password change, Dr. Martin Kraemer, security awareness advocate at KnowBe4, has shared the five following practices all organizations should adopt to improve their security hygiene in 2025:
1. Monitor new passwords automatically: Use available tools to validate new passwords against known breaches and dark web datasets, and alert users to change their passwords if a match is detected.
2. Encourage the use of pass-phrases or randomly generated passwords: Promote pass-phrases or randomly generated passwords for greater strength and resilience against attacks.
3. Require the use of a password manager: Mandate password managers to securely create, store, and manage unique credentials, removing the burden away from the employee to remember long character combinations.
4. Recommend implementing Multi-Factor Authentication (MFA): Strengthen security by requiring an additional verification step, like a code, biometric, or token.
5. Reduce the importance of password complexity in favor of length: Where a password manager cannot be used, encourage employees to focus on longer passwords or pass-phrases rather than relying heavily on complex character requirements.
Dr. Kraemer commented: “While Change Your Password Day is a great reminder to all employees of their individual responsibility when it comes to cybersecurity, in today’s climate, it might be better named ‘Use Strong Authentication Day.’ Changing your password regularly once served as a timely reminder that cybersecurity mattered, even if the act itself did not always result in greater security. Now, the actions required of employees may be different, but the message remains the same—everyone has a part to play in safeguarding their organization against threats."