Password Protection

How to Solve the Password Problem

An Overhaul in Password Security Passwords aren’t going anywhere. Despite the buzz that biometrics and MFA are holistic solutions, passwords are a ubiquitous, crucial layer for authentication—and they’re low-cost and simple, too.  That’s not to say that passwords are without issues. In fact, due to ineffective password policies, and poor user habits, they are hotly desired targets. Also, when a password …

privileged accounts

The Exploitation of Privileged Accounts 

The flow of news about data breaches and ransomware attacks is relentless. Businesses of all sizes—large companies included—continue to suffer. Not only do cyber attacks lead to financial damage, but they have knock-on effects like reputational impact and loss of client trust.  What’s less publicized is just how often these breaches are caused by vulnerabilities in privileged accounts.  Privileged accounts …

Password Policy

Bolstering AD Password Policies

Presets Aren’t Enough  Let’s keep things real: passwords aren’t going anywhere. And with continued—and increasing—ransomware attacks and data breaches popping up everywhere, an organization’s password policies are crucial to its digital security stance.  According to the 2022 Verizon DBIR, a majority of attacks originate from a single entry point: compromised credentials. Since so many organizations use Active Directory (AD) as …

AD F

Active Directory is an Active Vulnerability 

Many organizations that use Active Directory (AD) are failing to bolster their security postures  Microsoft AD has been around for almost a quarter century, and while many organizations across industries use it, few have adapted to the demand for greater security postures.  Despite the fact that approximately 90% of the Global Fortune 1000 companies use AD, only about a quarter consider security …

The Biggest Takeaway from the 2022 Verizon DBIR

The annual Verizon Data Breach Investigations Report (DBIR) contains several useful security insights. Reflecting on another year where cybersecurity attacks have frequently starred in news headlines, the 2022 DBIR confirms a lot of what professionals already know: cyber attacks continue to increase in frequency, and organizations of all sizes need to bolster their defensive postures in order to stay safe.  …

username & password

Username & Password Pairs: Why Banning Just Passwords Isn’t Enough

Password blacklists are receiving considerable attention. It’s clear why: weak and compromised passwords are a factor in nearly all hacking-related cybersecurity breaches. Best practices from NIST require organizations to disallow the use of any common and compromised passwords. And several cyber security companies offer password blacklists for this purpose. But authentication requires a username and password combination, so shouldn’t we …