Cyberattacks are evolving rapidly. As technology advances, so do the tools and techniques used by hackers, from AI-driven phishing schemes to highly targeted ransomware attacks. But despite this increasing sophistication, many successful breaches still rely on something shockingly simple:... Read More
Password Policy Management
Categories
Password encryption: What is it and how does it work?
As companies rapidly shift towards cloud-based environments, employees find themselves juggling multiple accounts across a variety of platforms, each one most likely safeguarded by a password. These digital keys are often the first (and sometimes only) line of defense... Read More
How to build a PCI-compliant password policy
The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant... Read More
Ten security best practices for Active Directory service accounts
Microsoft Active Directory is arguably one of the most attacked resources that you can run on-premises. The reason for this is that it stores the “keys to the kingdom.” Everything identity related on-premises and even in hybrid-joined cloud environments... Read More
NIST password guidelines: Full guide to NIST password compliance
Many look to the National Institute of Standards and Technology (NIST) guidelines as the gold standard when it comes to cybersecurity best practices. But as you’ve likely heard, NIST has updated its password guidelines in the latest draft of... Read More
Creating a custom password-exclusion dictionary with ChatGPT
When cybercriminals attempt to crack passwords, it makes sense to go for the lowest hanging fruit. They’re going to start by trying the most common, easy-to-guess passwords, as chances are some end users are bound to have chosen them.... Read More
Five strategy recommendations for planning a password policy
An Active Directory full of strong, non-compromised passwords should be an essential cybersecurity goal for every organization. A clearly articulated and enforceable password policy strategy is the best way to put this into practice. However, it’s important to tailor... Read More
How we use Threat Intelligence to find new breached passwords
What makes a good breached password list? Numbers are a good start – the more breached passwords you can cross-reference against your Active Directory, the better. You want to maximize your chances of detecting end users who are using... Read More
New hires, old problems: How to reduce password risk during onboarding
The first week of a new job always seems to involve plenty of time with the IT team – especially when onboarding remote employees. Setting up hardware, accesses, and passwords is an essential step. One of the first and... Read More
How much are weak passwords costing your organization?
Bad passwords can be a direct and indirect financial drain on any organization. They’re often the weakest link in a security chain, allowing hackers easy access to sensitive systems and data. Cyber-attacks and breaches are the obvious risks, but... Read More