Passwords aren’t going anywhere. Even with biometrics and multi-factor authentication gaining ground, most South African, and global, organisations still rely on passwords as a frontline defence – and for good reason.
But they’re only as strong as the understanding of the people creating them.
With cybercrime costing the local economy billions each year, World Password Day is a good time to get back to basics. Weak, reused, or shared passwords remain a key vulnerability – and attackers know it.
In fact, South Africa ranked among the top three most-targeted countries in Africa for cyberattacks in 2023, with estimated annual losses exceeding R2.2 billion according to Interpol’s African Cyberthreat Assessment Report (2021) and supported by follow-up data from SABRIC and local infosec consultancies.
The lesson? Passwords aren’t a compliance checkbox. They’re a habit. And right now, too many employees are still using Welcome123 or reusing the same login across platforms. That’s like locking your front door and leaving the key under the mat.
Facilitating understanding for employees on this subject is what will culturally shift the strength of this vital frontline defence – just think about how many people currently roll their eyes when companies require frequent password changes.
KnowBe4, whose cybersecurity platform is used by over 70 000 organisations worldwide to address human risk management, recommends three essential but simple steps that can quickly facilitate meaningful change while other initiatives form:
- Use passphrases or long, random passwords. Length beats complexity.
- Store them with a password manager. No more spreadsheets or sticky notes.
- Enable MFA wherever possible. One password should never open all the doors.
Password hygiene isn’t just a technical issue – it’s part of a company’s security culture. Small changes in behaviour can shut down big risks before they ever reach your systems.