ADELAIDE, Australia - AussieJournal -- On World Password Day 2025, cybersecurity experts are once again sounding the alarm over the state of digital security. Despite years of awareness campaigns and a growing number of data breaches, poor password practices remain one of the weakest links in Australia's cyber defence. Password reuse, weak credentials, and over-reliance on outdated methods continue to expose individuals and businesses to unnecessary risk.

This issue is especially pressing in Australia. In just the first three months of this year, Cloudflare blocked an average of 1.2 billion cyber threats daily — a 23 per cent increase from the previous quarter. Attackers are scaling phishing and credential stuffing attacks, exploiting weak or reused passwords as an easy and effective way in. With traditional authentication methods no longer enough to hold the line, experts are calling for urgent changes to how we manage access.

More on Aussie Journal

• BroadSource Recognised at the iAwards for Innovation in Privacy-Preserving AI Technology
• How Legal and Compliance Teams Can Say "Yes" to AI with SecurePII
• Elevating Global Status, Shincheonji Taekwondo Team Wins Medals Again in International Competition
• Macon's Historic Douglass Theatre Names Toni Simmons Henson as Artistic Director for Inaugural Series Celebrating the Spirit of American Theatre
• Natural Field Celebrates 20th Anniversary, Advancing Functional Ingredients Globally

Erich Kron, Security Awareness Advocate at KnowBe4, emphasises that World Password Day is no longer just a reminder to update credentials. It is a call to rethink authentication altogether. Updating weak passwords does little to defend against modern threats like credential stuffing and phishing.

Real risk reduction, Kron argues, starts with better habits: longer, more secure passphrases, password managers, and multifactor authentication. However, he stresses that technology alone won't close the gap. Building a strong security culture through ongoing training is essential to prevent threats from escalating.

Bob Wambach, Vice President of Portfolio and Strategy at Dynatrace, notes that passwords alone are insufficient to protect against today's complex digital threats. Once foundational, static credentials have now become prime targets. Wambach advocates for integrated, AI-powered security to proactively identify and address vulnerabilities before they can be exploited.

Patrick Harding, Chief Product Architect at Ping Identity, echoes this, stressing that passwords are becoming a liability. With AI-driven attacks on the rise, he calls for organisations to embrace passwordless authentication methods, such as biometrics, to better secure user experiences and prevent breaches.

More on Aussie Journal

• Pat Mesiti Launches Programs to Equip a Generation for Prosperity Through Mindset & Self-Education
• Shincheonji Taekwondo Team Wins Medals Again in International Competition, Elevating Global Status
• Anern Shines at SOLAR AFRICA 2025 with Integrated Solar + Storage Solutions
• Grounds For Liability in a Personal Injury Claim
• How Early Learning Centres Can Build Resilience in Your Child

Carla Roncato, VP of Identity at WatchGuard Technologies, focuses on the growing underground market for stolen credentials. The theft and sale of login data, often through phishing and breaches, has become a booming business. Roncato urges organisations to actively monitor the dark web for compromised credentials, highlighting that prevention is no longer enough.

Finally, Ashley Rose, CEO of Living Security, argues that password security is a business issue. She advocates for secure-by-design solutions like passwordless logins, prioritising high-risk users, and integrating password managers. This approach not only strengthens security but also enhances user experience, reducing the friction that often deters secure practices.