General security

The problem with passwords

August 13, 2018 by Susan Morrow

This episode of the CyberSpeak with InfoSec Institute podcast goes into detail about the popular and often controversial topic of passwords. Susan Morrow has worked in the IT security sector since the early 1990s — working across diverse sectors such as file encryption, digital rights management, digital signing and online identity.

In the podcast, Morrow and and Chris Sienko, host of CyberSpeak with InfoSec Institute, discuss:

  • What systemic mistakes are people and organizations making with their passwords? (1:20)
  • Has two-factor authentication provided more security than passwords? (4:40)
  • Which of your passwords need to be secure? (8:15)
  • What is the best way to create and store a secure password? (12:50)
  • What are some best practices for updating bad passwords? (17:45)
  • How have NIST password requirements changed? (22:15)
  • Is there a way to keep cybersecurity at the front of people’s minds? (27:00)
  • Is it possible to get to a post-password world and how do we get there? (30:00)

The InfoSec Institute security awareness series highlights the importance of security education across all levels of an organization. For more on security awareness and anti-phishing solutions, check out SecurityIQ by InfoSec Institute:

About CyberSpeak with InfoSec Institute

Get security awareness and IT training insight direct from the trenches in this weekly podcast hosted by InfoSec Institute’s Chris Sienko. Each week on CyberSpeak with InfoSec Institute, IT and security practitioners share their insights into a new topic, including security awareness, IT and security careers and keeping organizations safe from cybercrime.

Posted: August 13, 2018
Susan Morrow
View Profile

Susan Morrow is a cybersecurity and digital identity expert with over 20 years of experience. Before moving into the tech sector, she was an analytical chemist working in environmental and pharmaceutical analysis. Currently, Susan is Head of R&D at UK-based Avoco Secure. Susan’s expertise includes usability, accessibility and data privacy within a consumer digital transaction context. She was named a 2020 Most Influential Women in UK Tech by Computer Weekly and shortlisted by WeAreTechWomen as a Top 100 Women in Tech. Susan is on the advisory board of Surfshark and Think Digital Partners, and regularly writes on identity and security for CSO Online and Infosec Resources. Her mantra is to ensure human beings control technology, not the other way around.