Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    WSJ: "Forget Passwords. It’s Time for Passphrases."

    Stu Sjouwerman | Sep 19, 2018
    iStock-806861356Mr. Henry Williams is a deputy editor for The Wall Street Journal in New York, and he reported on something we just also recommended. Here is an excerpt with a link to the full article at the end. You should forward this to your C-suite:
     

    Two researchers say they have come up with a system that makes passphrases more secure and practical

    We all know the drill: When signing up at a website, you’re told to choose a password. It has to be at least a certain number of characters. It must contain letters and at least one number and perhaps at least one special character. Oh, but some special characters aren’t acceptable.

    The death of complicated passwords—which are both hard to remember and not that secure—has been forecast for years, but reality hasn’t quite caught up yet.

    Now, however, two researchers have developed an idea for replacing passwords with more-secure passphrases that people will actually remember and use.  

    Kevin Juang, a former doctoral student at Clemson University, and his co-author and adviser, Joel Greenstein, have created a working prototype of an online system for websites and their registered users to replace passwords with randomly generated passphrases that in theory, in combination with other cues, will be much easier to remember and to enter accurately.

    Passphrases have been discussed in online-security research for over 30 years, but most websites and apps still use passwords. Partly, that’s because long passphrases are harder to type, leading to more log-in failures, but it’s also because users tend to pick phrases from common sources, likes song lyrics, making them easy for hackers to figure out. People also sometimes use a passphrase on more than one website, or use a certain word repeatedly to make the passphrase even easier to remember. Here is the link to the WSJ Article.

    https://www.wsj.com/articles/forget-passwords-its-time-for-passphrases-1537322580

    KnowBe4 recently also recommended the very same thing. And we showed how fast a complex password can be cracked. How Fast Can Your Domain Admin Password Be Cracked?

    WATCH THIS VIDEO THAT SHOWS HOW FAST PASSWORDS CAN BE CRACKED

     

    Topics: Password Security

    Are your user’s passwords ... P@ssw0rd?

    Identify which users are using easily guessable or brute-forceable credentials before cybercriminals do. 

    Get Your Weak Password Test

    Secure the Digital Workforce: Human + AI

    KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the Founder and Executive Chairman of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog

    Posts By Topic

    View All