state of password security 451

Response Required

Why organizations need to react urgently to the state of password security, according to data from 451 Research In a recent brief titled “Love ‘em or Hate ‘em, Passwords Are Here to Stay,” 451 Research indicated that despite the stirrings of a passwordless revolution, the widespread use of passwords won’t be changing in the foreseeable future. The 451 brief points …

Questions to ask when considering compromised password monitoring providers: https://www.enzoic.com/questions-to-ask-compromised-password-monitoring-vendors/

Questions to Ask Compromised Password Monitoring Vendors

Organizations using Active Directory must update their password policies to block and detect compromised passwords, but comparing password monitoring vendors in this area can sometimes be challenging. Often, organizations are not sure how to compare vendors and are not sure what questions should be asked when working with password monitoring vendors. By asking the right questions, you can pick the …

Active Directory Lite

Need Help Auditing for Compromised Passwords?

Password audits have become more difficult. New data breaches expose credentials every day. These are quickly fed into hackers’ cracking dictionaries, changing which passwords you need to keep out. Verizon’s DBIR found 81% of data breaches were caused by compromised, weak, and reused passwords. Traditional algorithmic complexity rules are no longer considered a key factor in password strength. NIST password …

Percentage of respondents indicating methods for performing key IAM tasks in their organizations: https://www.enzoic.com/wp-content/uploads/EMA-Contextual-Awareness-Report-03.2020-ENZOIC-SUMMARY.pdf

Identity and Access Management has a Password Problem

Recent research from Enterprise Management Associates (EMA) found that a staggering 60% of organizations have experienced a security breach in the past year. Digging into the details, the leading source of breaches (24.4%) was once again due to compromised user passwords. The findings also highlighted that a further 16.1% of breaches were down to a user sharing credentials with an …

Ensuring Security in the Coronavirus Remote Working Era: https://www.enzoic.com/security-in-the-coronavirus-remote-working-era/

Ensuring Security in the Coronavirus Remote Working Era

Working from home has become the new reality for organizations of all industries and sizes as the nation struggles to contain the coronavirus pandemic. As companies contemplate an indefinite period of remote work and virtual interactions, it’s essential that they not overlook a critical variable: ensuring online security. Security while remote working adds a whole new layer of complexity. As …

Creating a NIST Password Policy for Active Directory https://www.enzoic.com/creating-a-nist-password-policy-for-active-directory/

Creating a NIST Password Policy for Active Directory

NIST recommends rejecting passwords used for online guessing attacks and also eliminating periodic password expiration- unless the password is compromised. While these requirements make sense given current cyber threats, they don’t precisely fit historic password policies. NIST has recommended new password policy guidelines for Active Directory that can help. So how can you easily implement a modern password policy? And …

Password Complexity Rules

The Benefits and Drawbacks of Password Complexity Rules

In recent years, cybersecurity experts have called into question the usefulness of password complexity rules. Password complexity rules have existed in some form since the internet and email became mainstream. They have since become a common feature in password policies across industries all over the world. However, faced with the unique struggles of cybersecurity threats in the digital age, some …

Root Passwords

Root Passwords: The Root of Password Problems

The average online user has over 90 accounts between personal and work accounts that require a password. That is a daunting number of unique passwords to memorize. In an effort to remember their passwords, most users will select common “root” words with easily guessable variations. These root passwords become predictable passwords when one becomes compromised. Password Expiration Policies The situation …

Recommendations For HIPAA Password Compliance: https://www.enzoic.com/hipaa-password-compliance/

Recommendations For HIPAA Password Compliance

What is HIPAA Password Compliance and How Healthcare Organizations Can Comply with these Authentication Guidelines. HIPAA (Health Insurance Portability and Accountability Act) was introduced in 1996 but has become increasingly prominent in recent years due to the rise of data breaches in the industry. Data breaches have been on the rise across all industries in the past five years, but …

Password Rotation Policy

The Pros and Cons of Password Rotation Policies

Why Password Rotation Policies May No Longer Be Fit-For-Purpose In the Digital Age Forced password resets have been a common feature of password policies for a long time and are still widely used. However, Microsoft and the NIST password guidelines, recommend doing away with password rotation policies, claiming they don’t improve security – and can actually make it worse. Despite …