Below you'll find a list of all posts that have been categorized as “cybersecurity”
Enzoic is proud to be part of Enterprise Security Magazine’s Top 10 Identity and Access Management Solution Providers for 2019. Enzoic was selected to be part of this exclusive list because of the uniqueness of the technology along with the low-friction way the product helps prevent account takeover and fraud. In the past decade, over 10 billion records have been …
The Open Web Application Security Project (OWASP), a non-profit that is dedicated to web application security, classifies credential stuffing as a subset of brute force attacks. However, in practice, the two types of cyber-attacks use very different methods to accomplish an account takeover and fraud. To explore how credential stuffing attacks and brute force attacks differ, we need to understand …
Law firms are frequently targeted by hackers due to their sensitive client information. The ABA is taking notice and has issued Formal Opinion 483. This is a quick guide on that Opinion and tips for how Law Firm can approach cybersecurity
The FTC is sending a strong message that businesses will no longer be able to play the victim-card. Instead, they are responsible for protecting their customers from credential stuffing and account takeover. Learn how this will change security protocols for companies throughout the US.
Yesterday I received an email in my inbox from a prominent gaming website, indicating that my account had been disabled due to “suspicious activity” and that I would need to reset my password. They then carefully explained that this was not due to a breach of their site, but instead likely due to my account credentials having been exposed either …
With rapid rate of evolution within technology, why are we still using passwords? The answer lies in the simple, positive attributes of passwords that are not found in other authentication methods: affordable, easy to replace, universally compatibility, privacy safe and no false positive. This closer look highlights the gaps in other methods that will make it hard to get past the password.
With rapid rate of evolution within technology, why are we still using passwords? The answer lies in the simple, positive attributes of passwords that are not found in other authentication methods: affordable, easy to replace, universally compatibility, privacy safe and no false positive. This closer look highlights the gaps in other methods that will make it hard to get past the password.
The big changes to NIST password recommendations we’ve been talking about are now official: NIST 800-63 is final. It’s important to know that this overhaul is about more than just passwords. It’s a full reworking of digital identity guidelines with a suite of new documents and a flexible approach to using them.
NIST suggests passwords should be screened against commonly-used, expected, or compromised passwords. This is intended to ensure passwords are not found in common cracking dictionaries that would make them easy to guess. These checks can occur at account creation and password reset. But then what? How do you know if they are still safe after time?
The US National Institute of Standards and Technology (NIST) just finalized new draft guidelines, completely reversing previous password security recommendations and upending many of the standards and best practices security professionals use when forming policies for their companies.
