Today is World Password Day. Held annually on the first Thursday of May, World Password Day focuses on promoting strong password habits, reducing reliance on weak credentials, and encouraging multi-factor authentication (MFA).
Dan Moore, Sr. Director CIAM Strategy at cybersecurity company FusionAuth, shared some of his thoughts on World Password Day:
“World Password Day exists because passwords remain the weakest link in most security chains and that’s still true in 2026, even as passkeys gain momentum. The reality is that the vast majority of applications in production today still rely on passwords as either a primary or fallback credential. That means the basics still matter enormously: checking credentials against breach databases, knowing and following NIST guidelines, and making it easy for users to do the right thing. The industry’s job right now isn’t to declare passwords dead but to manage the transition responsibly while the ecosystem catches up.
I genuinely wonder how many more World Password Days we’ll observe. Passkeys are now supported across every major platform, social login, SMS and email OTPs are mainstream fallbacks, and the developer tooling to implement passwordless is never more accessible. We’re not there yet: passwords will be with us for years, embedded in legacy systems and user habits, but the trajectory is clear. The question for businesses isn’t whether to move beyond passwords, it’s how to build their identity infrastructure today in a way that makes that transition smooth when the time comes, or painful.”
Now is a really good time to not only re-evaluate your passwords to make more complex ones for example, but to evaluate the usage of other forms of authentication, or using forms of MFA for example. Because the harder that you make it for the bad guys to get in, the safer you will be.
Related
This entry was posted on May 7, 2026 at 12:29 pm and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Today Is World Password Day
Today is World Password Day. Held annually on the first Thursday of May, World Password Day focuses on promoting strong password habits, reducing reliance on weak credentials, and encouraging multi-factor authentication (MFA).
Dan Moore, Sr. Director CIAM Strategy at cybersecurity company FusionAuth, shared some of his thoughts on World Password Day:
“World Password Day exists because passwords remain the weakest link in most security chains and that’s still true in 2026, even as passkeys gain momentum. The reality is that the vast majority of applications in production today still rely on passwords as either a primary or fallback credential. That means the basics still matter enormously: checking credentials against breach databases, knowing and following NIST guidelines, and making it easy for users to do the right thing. The industry’s job right now isn’t to declare passwords dead but to manage the transition responsibly while the ecosystem catches up.
I genuinely wonder how many more World Password Days we’ll observe. Passkeys are now supported across every major platform, social login, SMS and email OTPs are mainstream fallbacks, and the developer tooling to implement passwordless is never more accessible. We’re not there yet: passwords will be with us for years, embedded in legacy systems and user habits, but the trajectory is clear. The question for businesses isn’t whether to move beyond passwords, it’s how to build their identity infrastructure today in a way that makes that transition smooth when the time comes, or painful.”
Now is a really good time to not only re-evaluate your passwords to make more complex ones for example, but to evaluate the usage of other forms of authentication, or using forms of MFA for example. Because the harder that you make it for the bad guys to get in, the safer you will be.
Share this:
Like this:
Related
This entry was posted on May 7, 2026 at 12:29 pm and is filed under Commentary. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.