The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on... Read More
Password Policy Management
Categories
The risk of default passwords: What they are & how to stay safe
Cyberattacks are evolving rapidly. As technology advances, so do the tools and techniques used by hackers, from AI-driven phishing schemes to highly targeted ransomware attacks. But despite this increasing sophistication, many successful breaches still rely on something shockingly simple:... Read More
Password encryption: What is it and how does it work?
As companies rapidly shift towards cloud-based environments, employees find themselves juggling multiple accounts across a variety of platforms, each one most likely safeguarded by a password. These digital keys are often the first (and sometimes only) line of defense... Read More
Password spraying: Attack guide and prevention tips
The phrase ‘spray and pray’ likely came from the military, used to describe inaccurately firing automatic weapons in the hope that one shot eventually found its mark. It’s now used to describe any scenario where a strategy relies on... Read More
How to build a PCI-compliant password policy
The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant... Read More
Ten security best practices for Active Directory service accounts
Microsoft Active Directory is arguably one of the most attacked resources that you can run on-premises. The reason for this is that it stores the “keys to the kingdom.” Everything identity related on-premises and even in hybrid-joined cloud environments... Read More
NIST password guidelines: Full guide to NIST password compliance
Many look to the National Institute of Standards and Technology (NIST) guidelines as the gold standard when it comes to cybersecurity best practices. But as you’ve likely heard, NIST has updated its password guidelines in the latest draft of... Read More
Creating a custom password-exclusion dictionary with ChatGPT
When cybercriminals attempt to crack passwords, it makes sense to go for the lowest hanging fruit. They’re going to start by trying the most common, easy-to-guess passwords, as chances are some end users are bound to have chosen them.... Read More
Five strategy recommendations for planning a password policy
An Active Directory full of strong, non-compromised passwords should be an essential cybersecurity goal for every organization. A clearly articulated and enforceable password policy strategy is the best way to put this into practice. However, it’s important to tailor... Read More
How we use Threat Intelligence to find new breached passwords
What makes a good breached password list? Numbers are a good start – the more breached passwords you can cross-reference against your Active Directory, the better. You want to maximize your chances of detecting end users who are using... Read More