Experts Discuss the Future of Password Security on World Password Day 2025

ADELAIDE, Australia - May 1, 2025 - PRLog -- On World Password Day 2025, cybersecurity experts are once again sounding the alarm over the state of digital security. Despite years of awareness campaigns and a growing number of data breaches, poor password practices remain one of the weakest links in Australia's cyber defence. Password reuse, weak credentials, and over-reliance on outdated methods continue to expose individuals and businesses to unnecessary risk.

This issue is especially pressing in Australia. In just the first three months of this year, Cloudflare blocked an average of 1.2 billion cyber threats daily — a 23 per cent increase from the previous quarter. Attackers are scaling phishing and credential stuffing attacks, exploiting weak or reused passwords as an easy and effective way in. With traditional authentication methods no longer enough to hold the line, experts are calling for urgent changes to how we manage access.

Erich Kron, Security Awareness Advocate at KnowBe4, emphasises that World Password Day is no longer just a reminder to update credentials. It is a call to rethink authentication altogether. Updating weak passwords does little to defend against modern threats like credential stuffing and phishing.

Real risk reduction, Kron argues, starts with better habits: longer, more secure passphrases, password managers, and multifactor authentication. However, he stresses that technology alone won't close the gap. Building a strong security culture through ongoing training is essential to prevent threats from escalating.

Bob Wambach, Vice President of Portfolio and Strategy at Dynatrace, notes that passwords alone are insufficient to protect against today's complex digital threats. Once foundational, static credentials have now become prime targets. Wambach advocates for integrated, AI-powered security to proactively identify and address vulnerabilities before they can be exploited.

Patrick Harding, Chief Product Architect at Ping Identity, echoes this, stressing that passwords are becoming a liability. With AI-driven attacks on the rise, he calls for organisations to embrace passwordless authentication methods, such as biometrics, to better secure user experiences and prevent breaches.

Carla Roncato, VP of Identity at WatchGuard Technologies, focuses on the growing underground market for stolen credentials. The theft and sale of login data, often through phishing and breaches, has become a booming business. Roncato urges organisations to actively monitor the dark web for compromised credentials, highlighting that prevention is no longer enough.

Finally, Ashley Rose, CEO of Living Security, argues that password security is a business issue. She advocates for secure-by-design solutions like passwordless logins, prioritising high-risk users, and integrating password managers. This approach not only strengthens security but also enhances user experience, reducing the friction that often deters secure practices.