Today, Enzoic (formerly PasswordPing) announced the launch of its patent-pending password and credential breach service, which proactively notifies enterprise companies if their users are using exposed credentials.
Enzoic helps organizations and companies screen their user accounts for known, compromised credentials.
In the last 5 years, billions of credentials have been exposed. The impact of those breaches can last for years if users are not proactively changing their credentials. The average online user has an average of 90 online accounts (active and inactive). In the US, it could be even higher, as the average email address has 130 accounts associated with it. It is estimated that at least 55% of users admit that they use the same password across most, if not all, of their accounts.
Duplication of passwords across multiple sites means even if your organization has not been breached, your users are still at risk of having their account hacked.
Organizations can be alerted of exposed credentials and request users to update their credentials when they set up their account, reset their password or log into their account.
“Billions of accounts have been exposed in breaches and often the users are completely unaware of it. With Enzoic, organizations can help inform their users of exposure,” says Mike Wilson, founder of Enzoic. “IT and Development cannot combat it alone. Empowered, informed users must also take measures to protect their own accounts. Armed with awareness of exposed credentials, companies can proactively help keep their users and organization safe.”
Enzoic has a number of tools to help organizations protect their users:
- Enhanced Password Strength Meter: Our enhanced password strength meter is backed by a database of insecure passwords. It replaces the existing password input field on your website’s account sign-up and password change forms, automatically notifying your users when they are using an exposed, compromised password.
- Passwords API: This API takes a password and returns a result indicating if that password has been exposed. It can be used as part of a sign up form or a password change form.
- Credentials API: This API takes a username/password combination and returns a result indicating if those credentials have been exposed. If a user’s credentials are exposed, the user can be notified the next time they login to your site and you can prompt them to change their password.
Enzoic’s patent-pending innovative password and credential breach notification services were created to help organizations keep their users safe. Enzoic helps organizations screen user accounts for known, compromised credentials and passwords. Be aware if your users are using compromised credentials or if they have been exposed in a data breach so you can take proactive steps to protect them and your organization.