Dos and Don'ts of password security

The Updated Do’s and Don’ts of Password Security

When it comes to passwords, individual habits and organizational policies vary widely—unfortunately, the pattern is one of weakness. But organizational online security can be immediately improved by the implementation of a few key principles. Stronger passwords mean that users are keeping themselves safer online—and if users are safer online, it results in your organization staying safer as well. Updated NIST …

Time to Prioritize Passwords

Time to Prioritize Passwords

Despite proclamations that passwords are going the way of the Dodo, they are still a fundamental part of our digital lives. However, they remain a weak link in our approach to cybersecurity and it’s time for us all to rethink how we create and use passwords to protect our identities from cybercriminals. So, we want to take this opportunity to …

password reuse

8 Scary Statistics about the Password Reuse Problem

As we rapidly move everything online in response to the global pandemic, this has put passwords front and center again. With the latest Marriott breach, it’s like groundhog day when it comes to passwords with both organizations and users failing to take the necessary measures to step up their password hygiene. Passwords remain a weak link and are the source …

Credentials

Exposure of NIH, WHO, and Gates Foundation Credentials Underscores the Critical Importance of Credential Screening

Earlier today, news broke that unknown activists have posted nearly 25,000 credentials belonging to the National Institutes of Health, the World Health Organization, the Gates Foundation and other organizations engaged in the fight against the coronavirus pandemic. According to Souad Mekhennet and Craig Timberg at the Washington Post, “The lists, whose origins are unclear, appear to have first been posted …

facebook

Facebook Password Security Fail

Facebook is facing scrutiny once again today by disclosing that it accidentally stores “hundreds of millions” user passwords in plaintext. To make matters worse, 20,000 Facebook employees had access to view these passwords. Instagram users are also impacted by this massive oversight. There are so many things wrong here. In the day and age, obviously no company or organization should …

password reuse is bad

The Magician’s Handkerchief of Password Reuse

Yesterday I received an email in my inbox from a prominent gaming website, indicating that my account had been disabled due to “suspicious activity” and that I would need to reset my password. They then carefully explained that this was not due to a breach of their site, but instead likely due to my account credentials having been exposed either …