password based security myths

Busting the Myths Surrounding Password-Based Security

People have been relying on password-based security for millennia. The Roman military reportedly used what they called “watchwords” to identify soldiers on patrol. Exclusive groups and guilds used secret passwords to prove membership. The phrase “open sesame” protected hidden treasure in the story of Ali Baba and the Forty Thieves. In more recent times, the world’s first computer passwords were installed …

RockYou2021

Demystifying RockYou2021

Unless you’ve been living under a rock, you’ve probably heard of the RockYou2021 breached password list. Many articles have been published about this incident and password lists associated with it. However, some reported information is misleading or downright wrong. Let’s dive into what the RockYou2021 list means for you and organizations worldwide. What is RockYou2021? For a quick recap, RockYou2021 …

dictionary

Blocking Basic Dictionary Words is not Enough

For many organizations, password security comes down to simply implementing blocks on basic dictionary words from being used in the creation of a user’s password. This is not an effective way to secure passwords and may in fact make the creation of a secure password more difficult. There are many ways to improve password security that go beyond blocking dictionary …

Password Blacklist

Password Blacklists: Applying the Goldilocks Principle

One of the most effective ways to increase the strength of your network’s security is to screen users’ passwords against a list of dictionary passwords and known compromised passwords. Password vulnerabilities remain a major entry point for hackers. Over the last few years, password policy has evolved in significant ways. NIST password guidelines now indicate that using a password blacklist …