username & password

Username & Password Pairs: Why Banning Just Passwords Isn’t Enough

Password blacklists are receiving considerable attention. It’s clear why: weak and compromised passwords are a factor in nearly all hacking-related cybersecurity breaches. Best practices from NIST require organizations to disallow the use of any common and compromised passwords. And several cyber security companies offer password blacklists for this purpose. But authentication requires a username and password combination, so shouldn’t we …

full credentials

Enzoic Expands Automated Credentials Monitoring in Active Directory

Solution Now Continuously Screens for Both Unsafe Passwords and Compromised Full Credentials, Reducing the Risk of a Cyberattack

Boulder, CO – March 2, 2022 – Enzoic, a leading provider of compromised credential screening solutions, today released the latest version of Enzoic for Active Directory. The solution prevents users from choosing weak or previously exposed passwords by screening them at their …

ITRC

ITRC Breach Annual Report: Key Findings

The Identity Theft Resource Center (ITRC) is a nationally recognized nonprofit organization “established to support victims of identity crime.” The recently released Data Breach Annual Report provides statistics and perspectives on cyberattacks. Here’s what organizations need to know: The overall number of data breaches rose a whopping 68 percent in 2021. There were 1,862 individual breaches last year, surpassing 2020’s …

SMB

One Size Does Not Fit All

How Small and Mid-Sized Businesses are Faring in the Cybersecurity Landscape

When threat actors are on the prowl for lucrative plans, they search for many types of data. Some focus on bank details or credit card numbers, while others zero in on medical information or other personal details. But according to the Verizon Data Breach Investigations Report (DBIR), credentials—typically pairs …

state of password security

Passwords Security: Past, Present, and Future

The recent report on The State of Password Security in the Enterprise reveals several essential findings for system administrators and security professionals alike. First, whether we are happy about it or not, passwords are going to be around for a long time. Second, organizations need to familiarize themselves with current industry recommendations. And third, due to the frequency of cyber-attacks involving …

pipeline

Lessons from the Colonial Pipeline Breach

One of the largest, most economically devastating ransomware attacks occurred less than a month ago, and details of the attack are starting to become clearer. So what was the catalyst for this attack? It was as simple as a compromised password. As initially reported by Bloomberg, DarkSide was able to breach Colonial Pipeline and inject ransomware, crippling their infrastructure and …

dictionary

Blocking Basic Dictionary Words is not Enough

For many organizations, password security comes down to simply implementing blocks on basic dictionary words from being used in the creation of a user’s password. This is not an effective way to secure passwords and may in fact make the creation of a secure password more difficult. There are many ways to improve password security that go beyond blocking dictionary …

cybersecurity tips

Top Five Digital Tips for Thriving in the New Normal

Reports, op-eds, and documentaries point out that many 2020 pandemic-prompted changes are likely here to stay. From contactless takeout food delivery to the widespread adoption of virtual meetings, the disruption of COVID caused many technological and digital shifts for organizations. According to recent information from PWC, which surveyed businesses cross-industry, CEOs plan to make their companies more digital and virtual. …

passwordless

It’s Passwords, All the Way Down

We seem enamored with the idea of a ‘passwordless’ society. Not just because it would be an indicator of secure networks, but because trying to keep track of tens of unique, complex passwords is not ideal. There has been plenty of industry and media buzz around the concept of passwordless authentication strategies. Particular attention is paid to strategies like biometrics—which …