password hack

Pride and Passwords: Top Hacking Methods & How to Prevent Them

Cybersecurity is becoming a pressing issue for IT professionals in all fields. There are headlines every week about data breaches of all sizes and the attacks themselves come from many angles. This article details the password attack methods hackers frequently used against enterprises and provides solutions as to how your business can prevent damage or breaches. 1. Dictionary Attacks A …

benchmark

A Benchmark for Your Unsafe Passwords

News and warnings about data breaches and leaks abound at the moment, emphasizing the need for increased cybersecurity regardless of the industry. Microsoft’s Active Directory is often the perfect target for bad actors seeking to abuse compromised credentials. Despite the frequency of compromised credentials being the cause of data breaches, most organizations do not know whether their users’ passwords are safe. …

Password Blacklist

Password Blacklists: Applying the Goldilocks Principle

One of the most effective ways to increase the strength of your network’s security is to screen users’ passwords against a list of dictionary passwords and known compromised passwords. Password vulnerabilities remain a major entry point for hackers. Over the last few years, password policy has evolved in significant ways. NIST password guidelines now indicate that using a password blacklist …

7 AD security tips

Seven Active Directory Security Tips from The Experts

Microsoft Active Directory (AD) allows IT administrators to manage users, data, and applications within their organization’s network. Due to its popularity and importance within companies, AD is a perfect target for ‘bad actors.’ We’ve most likely all seen the massive increase in data breaches over the past few years. There are many attack vectors out there, but compromised credentials are …

CJIS password

How CJIS Evolved Password Policy Requirements

The Criminal Justice Information Services (CJIS) is the largest division of the FBI. They’re a hub of state-of-the-art tools and services for law enforcement, national security community partners, and the general public. The CJIS Security Policy is regularly updated to evolving industry best practices. Their June 2019 update introduced a new policy option for passwords. This option made it easier …

The Skinny on Password Attacks

The Skinny on Password Attacks

Thousands of Canadian citizens are at risk of identity fraud after cybercriminals used stolen credentials to access government services including COVID-19 relief funds. The source of the breach was a credential stuffing attack utilizing logins exposed in a prior breach. This is the latest example in a steady stream of data breaches driven by poor password practices. The Verizon DBIR …

good better best MFA

Good, Better, Best: Using Multi-factor Authentication Effectively

Multi-factor authentication (MFA) is useful, but not a failsafe strategy for user authentication. The purpose of identity and access management technology is, generally speaking, to prevent unauthorized users from viewing, stealing, or manipulating data, whether a corporate network, or a celebrity Twitter account. As most users know, the dangers of the internet are ever shifting, and it’s important to stay …

prevent password cracking

The Ways to Prevent Password Cracking

Cracking dictionaries are software programs that compile lists of unique words, common passwords, and iterations of common passwords. These words are collected from public domain files from multiple sources and in various formats. With cracking dictionaries, hackers narrow the universe of possible passwords to try. Instead of a brute force attack that tries every possible character combination, the hacker can …