The Importance of Password Security in the Digital World
Why Is Password Security Crucial?
With the advancement of technology and communication, the use of digital devices in daily life has significantly increased. According to Mastercard research, individuals, on average, possess ten digital accounts used across various devices and applications. Each day, a person enters a password approximately eight times to access their accounts.
A password is one of the primary methods for maintaining security within the realm of information technology. Unfortunately, many users still employ easily guessable passwords, such as birthdates (25%), pet names (18%), or family names (13%). Furthermore, 84% of users only change their passwords occasionally, while only 16% consistently remember them. These habits increase the risk of account compromise, exposing users’ personal data and leaving them open to online crime.
Threats of Hacking and Data Breaches
Cyberattacks on large corporations often lead to customer data breaches, including phone numbers, email addresses, and other personal information. One instance of a breach in Indonesia was the KreditPlus data leak in August 2020. A report from the cybersecurity firm Cyble revealed that approximately 890,000 KreditPlus customer data records were allegedly leaked and sold on the hacking forum Raidforums. The leaked data included names, emails, passwords, home addresses, phone numbers, employment details, and even family card (KK) information. Additionally, password security can be compromised when users access public networks without additional protection.
Best Practices in Maintaining Password Security
ISO/IEC 27001:2013 Annex 9.4.3 governs how secure password management should be implemented to protect sensitive data. Here are some essential steps in managing password security:
- Do not store passwords in unencrypted plain text format.
- Avoid sharing passwords via email, chat, or other electronic communication media.
- Do not write down easily guessable password hints, such as family names or birthdates.
- Avoid using the “Remember Password” feature on browsers or applications.
- Immediately change default passwords after initial use.
- Use a combination of uppercase letters, lowercase letters, numbers, and special characters in your password.
- Ensure passwords are a minimum of eight characters long.
- Avoid using the same password for work and personal accounts.
- Utilize multi-factor authentication (MFA) such as OTP or SMS for additional security.
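The length, character-mix, guessable-term and plain-text storage rules from the list above can be enforced in code. The following is an added example, not part of the original article: the function names, the `personal_terms` parameter and the choice of salted PBKDF2-HMAC-SHA256 with 600,000 iterations are assumptions made for illustration (the article only says not to store passwords in plain text).

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 8          # minimum length stated in the list above
ITERATIONS = 600_000    # assumed work factor, not taken from the article

def policy_violations(password, personal_terms=()):
    """Return the rules from the list above that this password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    classes = {
        "uppercase letter": string.ascii_uppercase,
        "lowercase letter": string.ascii_lowercase,
        "number": string.digits,
        "special character": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    # Guessable personal data (birthdate, pet name, family name) supplied by the caller.
    lowered = password.lower()
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("contains personal term")
    return problems

def hash_password(password):
    """Store a random salt and a slow salted hash instead of the plain text."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify_password(password, salt, digest):
    """Recompute the hash at login and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    # Constructed sample inputs.
    print(policy_violations("rex2015", personal_terms=["Rex"]))
    salt, digest = hash_password("Tr4il-Mix!Lamp")
    print(verify_password("Tr4il-Mix!Lamp", salt, digest))
```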
Conclusion
While no security system is perfect, proper password management can significantly reduce the risk of hacking. Users are encouraged to be more aware of the importance of regularly changing passwords and implementing Multi-Factor Authentication (MFA) for added protection.
Have you ensured the password security of your digital accounts?
—
Syifa Aulia Sari
IT GRC Consultant
Robere & Associates (Indonesia)