top of page

Stop Bad Passwords Before They Stop You.

October arrives. Attention is high. Time… not so much. So to save you time, we’ve focused on the four biggest wins: stronger passwords, password manager adoption, MFA everywhere, and a first step into passkeys. Result: better logins, fewer resets, and a safer team.


Use this four-week plan to run high-impact awareness with minimal effort.


ree

Week 1 - Passwords: Long, Unique, Unbeatable


Why this week matters:

Weak or recycled passwords are the speed run to a breach. Start by fixing the basics.


Fun-fact: 81% of hacking-related breaches come from weak or reused passwords.*

Source - Spacelift


Behavioural checklist for this week:

🔒Create long passphrases (12+ characters)

🚫Stop reusing passwords across accounts



ree

Week 2 - Password Managers: One Vault, Many Wins


Why this week matters:

People won’t remember 100+ unique passwords. Tools will.


Fun-fact: The average worker manages ~87 work passwords, yet only ~36% of U.S. adults use a password manager. Huge room for easy wins.*

Source - NordPass


Behavioural checklist for this week:

🛠️ Install/enable your approved password manager

➕ Use it to generate and save unique passwords by default


ree

Week 3 - Multi-Factor Authentication (MFA)


Why this week matters:

When (not if) a password leaks, MFA keeps the door shut.


Fun-fact: Microsoft’s telemetry shows MFA can block >99.9% of account-compromise attempts; guidance in 2025 still cites >99.2% protection. Turn it on everywhere you can.*

Source - Microsoft


Behavioural checklist for this week:

✅ Turn on MFA wherever it’s offered

🛑 Recognise and deny “push-fatigue” approval spam



ree

Week 4 - Passkeys: Phishing-Resistant by Design


Why this week matters:

Passkeys replace passwords with device-bound keys—nothing to type, nothing to steal.


Fun-fact: 15B+ online accounts can now leverage passkeys; Google alone reports 400M+ accounts using passkeys with 1B+ sign-ins. They’re phishing-resistant by design.*

Source - FIDO Alliance


Behavioural checklist for this week:

📲 Enrol a passkey on at least one supported service

🔁 Keep MFA on for any accounts that don’t support passkeys yet



Comments


bottom of page