The Skinny on Password Attacks

The Skinny on Password Attacks

Thousands of Canadian citizens are at risk of identity fraud after cybercriminals used stolen credentials to access government services including COVID-19 relief funds. The source of the breach was a credential stuffing attack utilizing logins exposed in a prior breach. This is the latest example in a steady stream of data breaches driven by poor password practices. The Verizon DBIR …

good better best MFA

Good, Better, Best: Using Multi-factor Authentication Effectively

Multi-factor authentication (MFA) is useful, but not a failsafe strategy for user authentication. The purpose of identity and access management technology is, generally speaking, to prevent unauthorized users from viewing, stealing, or manipulating data, whether a corporate network, or a celebrity Twitter account. As most users know, the dangers of the internet are ever shifting, and it’s important to stay …

prevent password cracking

The Ways to Prevent Password Cracking

Cracking dictionaries are software programs that compile lists of unique words, common passwords, and iterations of common passwords. These words are collected from public domain files from multiple sources and in various formats. With cracking dictionaries, hackers narrow the universe of possible passwords to try. Instead of a brute force attack that tries every possible character combination, the hacker can …

LastPass taps Enzoic for Dark Web Monitoring

LastPass taps Enzoic for Dark Web Monitoring

Enzoic’s Dark Web Monitoring services are now being embedded into the new LastPass Security Dashboard. The new capabilities provide early warning of increased risk of identity theft and other cybersecurity vulnerabilities. A recent LastPass survey found 86% of people don’t have any way to know if their personal information has been exposed on the dark web. Enzoic’s dedicated threat researchers …

The Lifecycle of a Password

The Lifecycle of a Password

Securing Passwords from Create to Retire Organizations are in a non-stop battle to protect their network and meet data security responsibilities in the face of ever-increasing cyberattacks. A key challenge is ensuring that users create secure passwords. Four out of five hacking breaches involve unsafe password practices. In this current threat environment, passwords must exclude passwords exposed in previous data …

From Stolen Credentials to Full Network Compromise

From Stolen Credentials to Full Network Compromise

How Hackers Are Actually Using Exposed Passwords to Infiltrate Active Directory Recent reports like the Verizon DBIR have noted that stolen credentials are often the foothold that attackers use to compromise networks and systems. A simple phishing or credential stuffing attack becomes the entry point for a much larger enterprise, like data theft, ransomware, or system hijacking. This is rather …

trusting passwords

Trusting Passwords: Best Practices for Threat-Proofing Credentials

“Open, Sesame!”Upon reflection it’s easy to see that passwords have an incredibly long history: from shibboleths to military codes, they’ve been used in many situations to preserve privacy and identity. With the creation of computing technology, passwords became ubiquitous, and were codified in the digital world as strings of characters—numbers, letters, and symbols. Much like their historical counterparts, they were …

Digital Home Security: How to stay safe while the world works from home

Digital Home Security: How to stay safe while the world works from home

Working from home used to seem something of a luxury, reserved for those whose work might not rely on customer interaction or face to face meetings. But since April of this year, the number of people working from home has dramatically increased, due to the risks associated with COVID-19. This trend has spanned most major sectors of the industry—education, healthcare, …

state of password security 451

Response Required

Why organizations need to react urgently to the state of password security, according to data from 451 Research In a recent brief titled “Love ‘em or Hate ‘em, Passwords Are Here to Stay,” 451 Research indicated that despite the stirrings of a passwordless revolution, the widespread use of passwords won’t be changing in the foreseeable future. The 451 brief points …