Password Protection

How to Solve the Password Problem

An Overhaul in Password Security Passwords aren’t going anywhere. Despite the buzz that biometrics and MFA are holistic solutions, passwords are a ubiquitous, crucial layer for authentication—and they’re low-cost and simple, too.  That’s not to say that passwords are without issues. In fact, due to ineffective password policies, and poor user habits, they are hotly desired targets. Also, when a password …

Password Policy

Bolstering AD Password Policies

Presets Aren’t Enough  Let’s keep things real: passwords aren’t going anywhere. And with continued—and increasing—ransomware attacks and data breaches popping up everywhere, an organization’s password policies are crucial to its digital security stance.  According to the 2022 Verizon DBIR, a majority of attacks originate from a single entry point: compromised credentials. Since so many organizations use Active Directory (AD) as …

IAM day

Time to Lock Down Identity Management Strategies

Updated Best Practices for 2022   Identity Management Day is a chance to bring attention and information about identity management to organizations of all kinds, especially as the digital landscape expands.   Presented by the Identity Defined Security Alliance and the National Cybersecurity Alliance (NCSA), it’s a much-needed opportunity to educate businesses and IT leaders on the importance of cybersecurity awareness and …

experian

Cyberdemic 2.0?

The 2022 Experian Data Breach Industry report covers the impact of breaches over the past year and turns an eye towards the upcoming months as well, forecasting implications for the continued barrage of cyberattacks.  The report covers trends in the digital landscape that have manifested due to natural disasters and gambling sites (leading to more phishing scams), as well as …

password security

The Latest Password Security Methods

Password authentication isn’t going anywhere anytime soon. It’s part of our culture, users and employees are accustomed to it, and many systems depend on the “what you know” layer. Newer technologies like biometrics might work in certain situations, but they won’t replace passwords altogether anytime soon. In our series on password security, we’ve talked about some worrying trends, the myths …

password based security myths

Busting the Myths Surrounding Password-Based Security

People have been relying on password-based security for millennia. The Roman military reportedly used what they called “watchwords” to identify soldiers on patrol. Exclusive groups and guilds used secret passwords to prove membership. The phrase “open sesame” protected hidden treasure in the story of Ali Baba and the Forty Thieves. In more recent times, the world’s first computer passwords were installed …

Password Blacklist

Password Blacklists: Applying the Goldilocks Principle

One of the most effective ways to increase the strength of your network’s security is to screen users’ passwords against a list of dictionary passwords and known compromised passwords. Password vulnerabilities remain a major entry point for hackers. Over the last few years, password policy has evolved in significant ways. NIST password guidelines now indicate that using a password blacklist …