Tech | May 5, 2022 12:33 pm

Reminder: Don’t Use Your Pet’s Name as a Password

Here are a few best practices for keeping your online data safe for World Password Day, at least before we reach our password-less future

working place with laptop mouse and lazy funny cat laying on warm keyboard close up photo. Over a third of people using pet names as part of their online passwords, which is a serious security flaw.
If you talk about Whiskers on social media, don't use Whiskers as your password.
Ulianna / iStock / Getty

It’s World Password Day, held on the first Thursday of May since 2013 as a way to remind people to not use “password” as their password and generally practice better and more secure habits online.

It’s also a good day to hear a lot of sobering statistics — as Microsoft notes, there are 921 password attacks every second, which is a doubling of the frequency over the past 12 months — and realize that people are still doing some very dumb things when it comes to keeping their online info secure.

With that in mind, a few lessons to remember on this 10th annual World Password Day:

  • Don’t use your pet’s name as a password. According to Aura, a digital security provider, 39% of American pet owners have used their pet’s name as part of their password for an online account. And that’s not good, because pet owners tend to share their pets’ names on social media.
  • Do use a password manager. Use of password management services or built-in browser vaults was up from 22% to 32% year-over-year in 2021, according to Security.org. These managers work across different platforms and devices and they can help you create unique passwords (and automatically sign you into sites). I personally use Dashlane and I’ve had few issues.
  • Don’t reuse passwords. More than two in three people continue to use the same passwords across multiple accounts, as noted by Security.org. And once your sign-in and password info hits the dark web, you’re leaving multiple accounts exposed to hackers.
  • Do use multi-factor authentication: According to stats by the open-source password manager Bitwarden (as reported by USA Today), 79% of U.S. respondents use multi-factor authentication for workplace accounts and 77% for personal accounts. Yes, utilizing a two-pronged approach — in this case, a password or biometric login followed by a one-time code sent to your phone — is irritating. But it’s also less irritating than having your credit card info stolen.

The good news? We’re getting closer to a more secure and password-less future. Google, Apple and Microsoft all recently agreed to expand support for a password-free sign-in standard from the FIDO Alliance and the World Wide Web Consortium, according to TechCrunch. So you’ll be able to use your smartphone to sign in to an app or website without worrying about the operating system or browser you’re using (or remembering a password).

Basically, once you unlock your smartphone, via fingerprint, face scan or PIN, you’ll be able to unlock other devices and sites as well.