drj logo

"*" indicates required fields

Name*
Zip Code*
Please enter a number from 0 to 100.
Strength indicator
I agree to the Terms of Service and Privacy Policy*
Yes, of course I want to receive emails from DRJ!
This field is for validation purposes and should be left unchanged.

Already have an account? Log in

drj logo

Welcome to DRJ

Already registered user? Please login here

Login Form

Register
Forgot password? Click here to reset

Create new account
(it's completely free). Subscribe

x
DRJ Fall 2025 Dallas Show
Skip to content
Disaster Recovery Journal
  • EN ESPAÑOL
  • SIGN IN
  • SUBSCRIBE
  • THE JOURNAL
    • Why Subscribe to DRJ
    • Digital Edition
    • Article Submission
    • DRJ Annual Resource Directories
    • Article Archives
    • Career Spotlight
  • EVENTS
    • DRJ Fall 2025
    • DRJ Spring 2026 Call for Papers
    • DRJ Scholarship
    • Other Industry Events
    • Schedule & Archive
    • Send Your Feedback
  • WEBINARS
    • Upcoming Webinars
    • On Demand
  • MENTOR PROGRAM
  • DRJ ACADEMY
    • DRJ Academy
    • Beginner’s Guide to BC
  • RESOURCES
    • New to Business Continuity?
    • White Papers
    • DR Rules and Regs
    • Planning Groups
    • Business Resilience Decoded
    • DRJ Glossary of Business Continuity Terms
    • Careers
  • ABOUT
    • Advertise with DRJ
    • DEI
    • Board and Committees
      • Executive Council Members
      • Editorial Advisory Board
      • Career Development Committee
      • Glossary Committee
      • Rules and Regulations Committee
  • Podcast

Tech Experts Speaking on the Importance of World Password Day

by Jon Seals | May 7, 2020 | | 0 comments

May 7 is World Password Day. This day is use to spread awareness on the importance of password security and highlights ways in which to ensure that your password is difficult to hack. With the recent boom in remote workers due to COVID-19, it is more important than ever to ensure that you are following the necessary steps for having a a solid password.

To celebrate this day, several tech experts have provided their thoughts and advice on how to ensure that your business and its employees are taking the necessary steps to have a robust and strong password supported by enhanced security systems:

Bryan Becker, product manager and researcher, WhiteHat Security:
“The recent credential stuffing campaigns against the World Health Organization and Gates Foundation and breach of children’s site Webkinz reinforce the importance of setting a different username/password combination for every application you utilize as an end user to protect your own information and your employer’s. It is essential to practice security mindedness as you browse the web to lessen the impact data breaches will have on you and your organization once they occur. Some other tips you can practice to secure yourself online are:

  • Utilize multi-factor authentication on any application that supports it. This can prevent an attacker from gaining access to your account even if they determine your username/password combination
  • Only log into sites that send your credentials and other sensitive information over SSL. A quick way to determine this is if the URL you are viewing is prefaced with ‘https://’
  • Whenever you’re checking your email in a web browser and are sent messages with hyperlinks, hover your mouse over the links and verify where the link is really going to take you to by looking at the URL that appears on the lower left corner of the screen. It’s possible the blue highlighted URL written in the email body is actually a disguised malicious link.

There’s no better time to reinforce taking these precautions than World Password Day, and I hope everyone uses this day to promote better password habits to their employees, colleagues and even family members. Passwords are essential to keep our digital identities private, and we must do everything we can to make sure they don’t fall into the wrong hands.”

Jeff Hussey, CEO, Tempered
“It’s a common misconception that having a password that is lengthy with complex requirements will be enough to keep your credentials secure. However a recent study found that 74% of IT decision makers’ organizations were breached in the past via privileged access credential abuse.

For years, the traditional tools to prevent credential-based attacks have been firewalls, password policy, URL filtering, and 2-factor authentication. These technologies continue to play a role, but they remain susceptible to attacks and are challenging to manage at scale.

On World Password Day, it’s important to understand that there’s now another option: invisibility. In simple terms, hackers can’t hack what they can’t see. So, instead of the costly and complex process of installing even more locks on the doors to your network, you can now make your network invisible to these bad actors. You start with cryptographic identities and zero-trust at the network level, along with multi-factor authentication (MFA) to decide who gets to see which endpoints. Then it’s no longer a matter of determining which vulnerable endpoints need to be secured, because no endpoints are visible, much less vulnerable to hackers.

It’s called Airwall, and it is the ideal solution for companies that need to protect their valuable data and critical for the new world of work-from-home employees.”

Mihir Shah, CEO,
Nexsan, a StorCentric company
“For individuals seeking to protect their personal information and secure their online accounts, a strong password is a critical first line of defense. But, if you are a commercial, nonprofit or government organization, a password, regardless of how unique or how often it is updated, will barely scratch the IT security surface. The only true protection for an organization’s high value data is to aggressively lock it down using a hardened storage solution that has been engineered with the understanding that attempts at corruption or deletion can come from anyone, anywhere and at any time. The solution must be capable of recognizing and rejecting every such attempt, regardless of whether it’s from a virus, ransomware, spyware, user mistakes, software error – or a new threat that hasn’t even been discovered yet.”

JG Heithcock, GM, Retrospect, a StorCentric company
“World Password Day reminds us of just how critical it is to take every precaution to protect ourselves and our data. And certainly, a unique password is a great place to start, but, you can’t stop there. Cyberthreats like ransomware are becoming increasingly pervasive, affecting homes and businesses alike. However, by proactively employing a data protection strategy that includes an effective and efficient backup solution, you will be able to thwart cybercriminals and ensure your data remains private, secure, accessible and recoverable.”

Jay Ryerse, VP, Cybersecurity Initiatives,
ConnectWise
“Passwords are often associated with inconvenience — and for good reason. Employees and consumers alike are overwhelmed by the thought of remembering login details for 100-200 websites and making them difficult for bad actors to guess. That’s why this World Password Day, it’s important to look at the practical solutions to this impractical problem, accelerated by more and more aspects of our lives going online.

To ensure your personal and work-related accounts, as well as the sensitive data residing within them, remain secure:

  • Use a password manager…but do your research. Some have been breached in the past, and you want to make sure your choice is reliable, safe and up to date
  • Use a different, complex password for every website.This reduces your risk of credential stuffing attacks, where hackers take login details harvested from breached websites to log into users’ accounts on other, unaffected sites. A password manager makes this process much easier as it will create lengthy, unique passwords for each site
  • Remember that the longer the password, the longer it takes for digital adversaries to crack it, thus deterring successful brute force attacks
  • Avoid overused practices like adding an exclamation point at the end, including phrases associated with family or pets, or using incremental numbers. Hackers use these well-known patterns to guess your password, and you’ll just make their jobs easier
  • Give only fake answers to security questions that would help you recover your password, so hackers cannot mine that information from snooping on you online. One example would be your mother’s maiden name. With some social media searching, this would be easy to identify, so choose a made up name only you would know
  • Implement multi-factor authentication wherever available to create extra hurdles for cybercriminals

There will always be varying degrees of account compromise. If someone hacked my LinkedIn, they might post something embarrassing, but it’s easy to change the password and regain control. However, if they broke into my online bank account or used my credit card on Amazon to rack up charges, we’d be looking at significant damage. Wouldn’t it be better to prevent all of these incidents, though? Implementing these best practices across your online presence will do just that–and protect both you and your company on an ongoing basis.”

Grant McCormick, CIO,
Exabeam
“For World Password Day 2020, we’ll look at some of the most prevalent password-related risks associated with the sudden remote work transition. First, we’ve seen multiple credential stuffing campaigns — where bad actors use passwords from previously breached sites to break into accounts on unaffected sites — initiated against organizations crucial to both working from home and handling the global pandemic. In April, cybercriminals put large numbers of account information belonging to both Zoom users and employees of the WHO, CDC and Gates Foundation, up for sale online, likely gathered from other breaches. This is particularly dangerous for individuals and organizations because these credentials could be used to access corporate accounts then move laterally through the network to cause deeper damage.

Technology consumers, that happen to be physically restricted by the COVID-19 lockdown, should bring their own lockdownto password management: by establishing different passwords for all of their accounts, immediately changing passwords on sites that have been breached and using multi-factor authentication wherever it is available.

Hostile cyber actors are not sheltering in place — very much the contrary. To remediate incidents involving user credentials and respond to adversaries, organizations must move fast and consider an approach that is closely aligned with monitoring user behavior – to provide the necessary visibility needed to restore trust, and react in real time, to protect user accounts. This should include the ability to detect, using behavioral characteristics, when abnormal events have occurred.

Second, Zoombombing and eavesdropping threats have risen in prevalence. Zoom launched into action to upgrade its encryption standards, and many organizations using the tool moved quickly to ensure password and host setting best practices. For companies, accessing Zoom accounts in concert with SSO / identity access management (IAM) platforms is critical. We also recommend making passwords a default requirement for all Zoom meetings, requiring all employees add passwords to existing meetings and ensuring each meeting owner changes screenshare settings to ‘host only.’ All organizations should also utilize end-to-end encryption and continuously update their video conferencing clients and broader endpoint software stack. This advice applies to all B2B video conferencing solutions.

While most remain hopeful about therapies and even a cure for COVID-19, credential-based attacks and digital privacy issues will remain long after the pandemic. Thus, these practices should remain top of mind year-round in 2020 and beyond.”

Johan Pellicaan, VP & Managing Director EMEA,
Scale Computing
“Password protection is the frontline of security processes for any business, and employees are the first line of defense for any organization implementing an all-encompassing cybersecurity strategy. With the potential for threats such as phishing emails and ransomware attacks ever-rising, especially in the current remote working landscape, it’s never been more important to get each element of this cybersecurity strategy right.

Precautions like advanced passwords and multi-factor authentication are important cogs in a truly secure remote working operation, as are things like a VDI deployment running on a hyperconverged edge computing solution. With VDI technology in place, end users can log in securely to any machine on a network and then access their emails, files and applications as usual. They aren’t limited to PC terminals — they simply load their personal desktop or applications on their mobile phone or tablet, significantly boosting workforce agility.

Furthermore, by remotely monitoring user profiles – regardless of location – IT teams can reduce security risks by identifying potentially suspicious activity and logging out inactive users. A VDI deployment can also offer a cost-effective and secure method to extend network access beyond the office walls to provide remote access to employees wherever they are located.

The majority of businesses find that managing BYODs brings a considerable number of security and admin challenges. However, by integrating BYODs onto an officially sanctioned VDI environment, employee mobiles and tablets can be more effectively protected from potential security risks, so information is better secured from accidental disclosure and loss.”

Yev Pusin, Director of Strategy,
Backblaze
“This World Password Day reminds us that while backing up is key to protecting your data, the simple task of protecting your computer, systems, and online accounts with strong passwords is an effective measure to securing your data as well. A strong password strategy means using best practices like different passwords for every service, changing passwords frequently, remembering that 123456 is never a good password, and using a secure password manager to keep everything sorted.

A strong password is a good start, but you can really lock your accounts down by adding two-factor authentication to any accounts that have the option (and remember to create backup codes)!

These simple steps could halt cyberattacks such as credential stuffing or hacking of personal details. But ultimately, using passwords effectively requires a disciplined approach that always stays one step ahead of cybercriminals. Stay safe out there!”

Wieger van der Muelen, Global IT-Security Manager / CISO at
Leaseweb Global
“As the COVID-19 crisis continues, so too does the spike in phishing scams and spam attacks on remote workers as hackers relentlessly use it to their advantage. Not only are workers having to adapt to working from home full-time, but the IT teams of the organisations they belong to must contend with adapting current IT systems to fit with a home environment. It is at times like these – more so than usual – that it is vitally important that simple security measures are followed. Simple yet effective steps like ensuring passwords are suitably protected spring to mind. Regularly updating passwords, having different ones for different applications stored in a password manager, and two-factor authentication are all practical steps towards making it much more difficult for hackers to infiltrate information. While the chaos around COVID-19 ensues, with all of its social and financial pressures, the last thing a company wants is to fall prey to a ransomware or phishing attack. By acting smart now, we can all avoid that risk.”

Related Content

  1. Disaster Recovery Journal
    Celebrate World Password Day By Protecting Yourself From Cybercriminals
  2. Disaster Recovery Journal
    International Women’s Day – March 8
  3. Disaster Recovery Journal
    Computer Crime: The Undetected Disaster

Recent Posts

Flexential’s 2024 ESG Report Details Advancements Across Data Center Efficiency, Talent Support, and Operational Oversight

July 16, 2025

DuploCloud Announces Availability of AI Suite in the New AWS Marketplace AI Agents and Tools Category

July 16, 2025

Exodigo Brings AI Efficiency to Infrastructure Industry, Closes $96 Million Series B

July 16, 2025

IObit Launches IObit Software Updater 8: Intelligent Software Management for Enhanced Security

July 16, 2025

New Incogni Study Reveals Massive Data Sharing and Privacy Risks in Popular Buy Now, Pay Later Apps

July 16, 2025

iCOUNTER Emerges from Stealth to Launch Cyber Risk Intelligence Category

July 16, 2025

Archives

  • July 2025 (35)
  • June 2025 (54)
  • May 2025 (59)
  • April 2025 (91)
  • March 2025 (57)
  • February 2025 (47)
  • January 2025 (73)
  • December 2024 (82)
  • November 2024 (41)
  • October 2024 (87)
  • September 2024 (61)
  • August 2024 (65)
  • July 2024 (48)
  • June 2024 (55)
  • May 2024 (70)
  • April 2024 (79)
  • March 2024 (65)
  • February 2024 (73)
  • January 2024 (66)
  • December 2023 (49)
  • November 2023 (80)
  • October 2023 (67)
  • September 2023 (53)
  • August 2023 (72)
  • July 2023 (45)
  • June 2023 (61)
  • May 2023 (50)
  • April 2023 (60)
  • March 2023 (69)
  • February 2023 (54)
  • January 2023 (71)
  • December 2022 (54)
  • November 2022 (59)
  • October 2022 (66)
  • September 2022 (72)
  • August 2022 (65)
  • July 2022 (66)
  • June 2022 (53)
  • May 2022 (55)
  • April 2022 (60)
  • March 2022 (65)
  • February 2022 (50)
  • January 2022 (46)
  • December 2021 (39)
  • November 2021 (38)
  • October 2021 (39)
  • September 2021 (50)
  • August 2021 (77)
  • July 2021 (63)
  • June 2021 (42)
  • May 2021 (43)
  • April 2021 (50)
  • March 2021 (60)
  • February 2021 (16)
  • January 2021 (554)
  • December 2020 (30)
  • November 2020 (35)
  • October 2020 (48)
  • September 2020 (57)
  • August 2020 (52)
  • July 2020 (40)
  • June 2020 (72)
  • May 2020 (46)
  • April 2020 (59)
  • March 2020 (46)
  • February 2020 (28)
  • January 2020 (36)
  • December 2019 (22)
  • November 2019 (11)
  • October 2019 (36)
  • September 2019 (44)
  • August 2019 (77)
  • July 2019 (117)
  • June 2019 (106)
  • May 2019 (49)
  • April 2019 (47)
  • March 2019 (24)
  • February 2019 (37)
  • January 2019 (12)
  • ARTICLES & NEWS

    • Business Continuity
    • Disaster Recovery
    • Crisis Management & Communications
    • Risk Management
    • Article Archives
    • Industry News

    THE JOURNAL

    • Digital Edition
    • Advertising & Media Kit
    • Submit an Article
    • Career Spotlight

    RESOURCES

    • White Papers
    • Rules & Regulations
    • FAQs
    • Glossary of Terms
    • Industry Groups
    • Business & Resource Directory
    • Business Resilience Decoded
    • Careers

    EVENTS

    • Fall 2025
    • Spring 2025

    WEBINARS

    • Watch Now
    • Upcoming

    CONTACT

    • Article Submission
    • Media Kit
    • Contact Us

    ABOUT DRJ

    Disaster Recovery Journal is the industry’s largest resource for business continuity, disaster recovery, crisis management, and risk management, reaching a global network of more than 138,000 professionals. Offering weekly webinars, the latest industry news, rules and regulations, podcasts, the industry’s only official mentoring program, a quarterly magazine, and two annual live conferences, DRJ is leading the way to keep professionals up-to-date and connected in an ever-changing world.

    LEARN MORE

    LINKEDIN AND TWITTER

    Disaster Recovery Journal is the leading publication/event covering business continuity/disaster recovery.

    Follow us for daily updates

    LinkedIn

    @drjournal

    Newsletter

    The Journal, right in your inbox.

    Be informed and stay connected by getting the latest in news, events, webinars and whitepapers on Business Continuity and Disaster Recovery.

    Subscribe Now
    Copyright 2025 Disaster Recovery Journal
    • Terms of Use
    • Privacy Policy