Apparently this week is National e-Security Awareness Week in Australia and as part of that, today, Monday the 9th June, is National ‘Change Your Password day’.
Quite how official this is I do not know, the concept of keeping passwords up to date and changed regularly is preached frequently by the likes of Sophos’ security guru Graham Cluley, and now ISACA.
Jo Stewart-Rattray from ISACA’s international Security Management Committee and President of the Adelaide Chapter of ISACA, said: “We are particularly impressed with the national Change Your Password day, which aims to encourage all IT users to change their password to at least eight characters.
“The Change Your Password day - which is being publicised by Ministers and IT security companies across Australia - is a splendid illustration of what can happen when private and public sector organisations co-operate effectively.”
The initiative is aiming to encourage IT users to switch to a mixture of upper- and lower-case alphanumeric characters, that ISACA claims is an ‘excellent way of explaining to end users the need to boost security on e-banking and other online systems.’
As someone who uses the internet frequently and is forced to use passwords for almost every site, from web-based mail to social networking to shopping sites to our own content management system, I know what the challenges are.
The difficulty is we are preached at and told to use a complex blend of characters and numbers, to make the combination hard to trace or replicate. I was in conversation with Chris Schwartbauer from Shavlik last year, and he gave me a demonstration of what he felt was a secure password. Arguably the challenge is getting this message across to the general public.
After all, once you have an email address as a login, how many times would you be able to login to a site with a basic ‘password’ or ‘qwerty’ – apparently two of the more popular options.
Is it time for a change, arguably yes, and should there be pressure to replicate this in the UK, even only for education purposes? Most would agree, perhaps it is a chance for Get Safe Online http://www.getsafeonline.org/ to get involved.