Every first Thursday in May commemorates the World Password Day , an initiative driven by the researcher Mark Burnett and formalized in 2013 by Intel Security. Its objective is to raise awareness about the importance of implementing secure access mechanisms in a context where digital identity has become a critical asset for individuals and companies.
Currently, the landscape of cybersecurity in Argentina reflects a challenging scenario:one in three users suffered some security incident in the last year. According to Néstor Markowicz, COO of Certisur , this data goes beyond the individual scope and has a strong impact on organizations, affecting operational continuity , generating recovery costs, loss of customers and reputational damage.
In sensitive sectors such as finance, health and e-commerce , attacks linked to compromised credentials cause a direct decline in user trust. "Credentials are no longer just a technical problem, they are a business problem ", affirms Markowicz, marking a shift in approach: cybersecurity becomes a strategic priority in executive decision-making.
Faced with this context, companies are moving toward models that reduce dependence on traditional passwords, considered the weakest link. Among the main trends are the adoption of multifactor authentication (MFA), passkeys, biometrics and the use of digital certificates , which allow strengthening identity without friction for the user."
To this ecosystem is added the post-quantum cryptography (PQC) , a technology designed to resist future quantum computing capabilities. Although it does not directly replace passwords, it impacts the evolution of more secure authentication systems. "The challenge is not just to eliminate passwords, but to build models resistant to future threats," explains the executive.
However, there is still a gap between the risk perception and the real investment in security . Many organizations maintain a reactive approach, acting after the incident. The new paradigm proposes anticipating through three pillars:visibility of identities and access, automation to reduce human errors and risk-based management , supported by architectures such as Zero Trust.
Within this framework emerges the concept of crypto-agility , key to quickly adapting to new cryptographic standards. This strategy gains relevance in the face of threats such as harvest now, decrypt later , where data is stolen today to be decrypted in the future. "Prevention involves protecting information long-term, even against risks that are not yet widespread," warns Markowicz.
From a business perspective, the digital trust becomes a competitive differentiator. A 33% of users that suffered fraud considers security as a determining factor before operating online. Companies that manage to convey protection through simple yet robust processes improve conversion, reduce abandonment, and strengthen their relationship with customers.
In parallel, training is evolving toward models of continuous training and real attack simulations. Nevertheless, the trend is clear: systems must be designed so that the human error is not critical , integrating automation and gradually eliminating passwords as a point of failure.
In conclusion, the transformation toward models of robust digital identity is no longer optional. "The goal is not to have more secure passwords, but to stop relying on them. Organizations that evolve toward more solid schemes will not only reduce risks, but will build a competitive advantage based on trust," concludes Markowicz.
Frequently Asked Questions
1. Why are passwords no longer sufficient?
Because they are vulnerable to attacks like phishing, credential theft, or reuse. Cybercriminals can exploit them easily, which is why more robust methods are required.
2. What alternatives exist to traditional passwords?
The main ones are MFA, passkeys, biometrics and digital certificates , which offer greater security and better user experience.
3. What is post-quantum cryptography and why is it important?
It is a set of technologies designed to resist quantum computer attacks. It is key to protecting data long-term against future threats.
Maxi Fanelli de ITSitio