Below you'll find a list of all posts that have been categorized as “Credential Screening”
Today is World Password Day and organizations are unfortunately still reliant on archaic password strategies that put the onus on users to create and remember numerous complex and constantly changing password strings. It’s no wonder that this approach is an abject failure. Enterprises need to take steps to address the password problem and ensure that only strong, unique and uncompromised …
Earlier today, news broke that unknown activists have posted nearly 25,000 credentials belonging to the National Institutes of Health, the World Health Organization, the Gates Foundation and other organizations engaged in the fight against the coronavirus pandemic. According to Souad Mekhennet and Craig Timberg at the Washington Post, “The lists, whose origins are unclear, appear to have first been posted …
Fraud and account take-over cost companies billions of dollars every year. Many of these successful attacks are the result of credential stuffing, a vulnerability created by users’ reuse of passwords across systems and websites. Because of the risk of exposed passwords, the US-based National Institute of Standards and Guidelines (NIST) recommends screening accounts against lists of commonly-used and compromised credentials, …
Exposed password screening is the process of checking currently used passwords against passwords that have been exposed in a publicly known data breach. Once these passwords are exposed, they are considered to be compromised passwords. In 2017, the National Institute of Standards and Technology updated the NIST password guidelines, recommending for exposed password screening. Since then, companies and organizations are …
Cybersecurity and infosec are constantly evolving. Today, organizations are doing everything in their power to harden their defenses, protect their internal networks, and secure data from increasing internal and external threats. The need to be ahead of bad actors causes new cybersecurity trends to emerge every year. The following 2020 cybersecurity trends are important ones to watch. #1: Automation for …
Enzoic CEO Michael Greene had a recent session with CyberEd. CyberEd.io provides the latest discussions on cybersecurity topics straight from industry leaders for the security practitioner on-the-go. Here is a quick summary of that session. Strong Authentication Hindering the User Experience Numerous options exist for strong authentication, but most involve introducing some form of friction into the user experience. User …
Identity Theft Protection: A Crucial Consideration in Today’s Heightened Environment Why IDShield Partners with Enzoic for Comprehensive Identity Theft Protection for Our Customers. By Guest Blogger: Allen Spence, Director, IDShield Product Leadership, LegalShield According to the Identity Theft Resource Center, there were over 1,200 reported breaches last year alone, which exposed over 400 million records. And as Time’s Patrick Lucas …
Disney+ Launch: A whole new world of excellent content, the same password reuse problem Consumers and critics alike have long clamored for the Disney+ streaming service, however, its recent launch has once again exposed the risks with password reuse. Even a mega-brand like Disney has password risks. An investigation found that less than 48 hours after launch, thousands of exposed …
According to LoyaltyOne, a loyalty advisory company, in the US, there are at least 3.8 billion rewards memberships, which equates to about 10 per consumer. Companies create loyalty programs for their customers because it decreases customer attrition while also giving the company more information on each customer for data mining and partnerships. One key challenge for companies is protecting those …
We all know that data breaches have leaked billions of user credentials (usernames and passwords) on the public internet and dark web. The Global Password Security Report shows an alarming 50% of people reuse the same passwords across their personal and work accounts. If a cybercriminal obtains legitimate credentials for a personal account, they often can also get into that person’s work account because …
