TECHx Editor Rabab Zehra secured an exclusive interview with Yossi Naar, Chief Visionary Officer and Co-founder, Cybereason on the occasion on World Password Day to discuss password-free innovations, threats associated with an organization’s IT security, and how password security can be preserved.
TECHx: Do you think traditional passwords would become extinct in the face of new password-free advances?
Yossi: It will take some time to end the reign of the password because there are many legacy devices, infrastructure and frameworks, as well as regulations in some cases that specifically require passwords.
TECHx: With billions of stolen passwords on the Dark Web, we need to be mindful of the risks. How can you figure out what’s behind these dangers?
Yossi: If you want to know if your passwords leaked, there are services such as https://haveibeenpwned.com which will tell you if your account was compromised and what was stolen. Also, educate employees to never reuse passwords, especially for important accounts.
TECHx: What mistakes do organizations make when it comes to IT security?
Yossi: Explaining IT security mistakes companies make is a large issue and one that isn’t easily explained. In terms of password security, two of the biggest mistakes companies make are adopting extremely stringent password policies that can be counter-productive and not using multi-factor authentication. When you force employees to adhere to strict password policies and require them to change passwords too often, they will tend to use simpler passwords and ones that will most easily comply with your policy which is counterproductive.
TECHx: World Password Day is the ideal time to revamp your passwords. What advice do you have for businesses and individuals who want to keep their passwords secure?
Yossi: As a company, if you are looking to revamp your passwords, my advice is to make sure you don’t trust them and use additional factors in all accounts and services. In addition, password managers are a useful tool that can improve password security and management. However, they exist as a compromise due to the failings of passwords themselves.