Logo  
may 2025
 

May is Password Month. Do we still need them?

Did you know that there is a World Password Day?

It's true - World Password Day is celebrated every year on the first Thursday in May. The aim? To raise awareness among users and organisations of the importance of digital security and the risks associated with using weak, reused, or exposed passwords.

Initially created as an educational campaign, the day now serves as a global wake-up call: even with all the technological advances, passwords remain one of the most vulnerable points in our digital lives.

Intro
 
 
Does it still make sense to rely on passwords?

Passwords, as we know them, are outdated. Even with complexity rules, multi-factor authentication (MFA) and other layers of protection, they remain a weak link in digital security.

 
 
What are the main problems with passwords?
  • Many are still weak or reused across multiple services.
  • They are often exposed without users - or companies - realising.
  • In companies in southern Europe, more than 45 per cent of passwords are reused.
  • One employee can have access to dozens (or hundreds!) of systems, all with passwords.
 
 
If they're so problematic, why do we still use passwords?

Despite the existence of viable alternatives, many organisations remain dependent on old infrastructures, constrained by operational inertia and the constant postponement of priorities, which compromises the definition of a structured transition plan.

 
 
Is there a viable alternative?

Yes, it's called a passkey. Passkeys are cryptographic credentials linked directly to your device. They work with biometrics (such as Face ID or fingerprints) or a local PIN, without the need for a password.

And no, this isn't a futuristic concept - it's a real technology, already supported by Google, Apple, Microsoft, and integrated into the main operating systems and browsers.

 
 
Why are passkeys more secure?
  • Immune to phishing and brute force attacks.
  • They cannot be shared or reused.
  • Not to be memorised.
  • Simpler for the user. Safer for everyone.
 
 
What's stopping the transition to safer alternatives?

Despite the technological maturity of solutions that replace passwords, widespread adoption is still limited by several structural factors:

  • Old infrastructures that don't support modern authentication methods.
  • Internal processes based on traditional models, which are difficult to reformulate without operational impact.
  • Organisational culture is resistant to change, where security is often sidelined in the face of other priorities.

More than a technical issue, this is a need for strategic reassessment: replacing passwords requires planning, awareness, and investment. The lack of a clear transition plan is now one of the main obstacles to the evolution of digital security.

 
 
QUICK TIPS: What can you do today?
  • Use unique and strong passwords. If possible, use a password manager.
  • Avoid reusing passwords between different services.
  • Activate multi-factor authentication (MFA) whenever available.
  • Try using passkeys - they're already available on many services.
 
 
In conclusion

Passwords are still widely used, but their effectiveness and security are increasingly being questioned. Technology already offers more robust alternatives, such as passkeys, which eliminate many of the weaknesses associated with the traditional authentication model.

Maintaining the exclusive use of passwords poses real risks:

  • Greater exposure to social engineering and phishing attacks.
  • Re-use of credentials in multiple services.
  • Complexity in management and a constant need for updating.

Adopting more secure authentication practices doesn't just depend on organisations. Each user can - and should - take an active role in protecting their digital identity.

Exploring the use of passkeys, using password managers, and activating multi-factor authentication are simple steps that contribute to greater individual security.

The question is no longer whether you should stop using passwords, but when you will start adopting more secure alternatives.

 

Archive

2025

2024

2023

2022

2021

2020

2019

Subscribe our newsletter.


Cookie Consent X

Devoteam Cyber Trust S.A. uses cookies for analytical and more personalized information presentation purposes, based on your browsing habits and profile. For more detailed information, see our Cookie Policy.