Marcus White

Deployment

Security

Technical

Marcus is a Specops cybersecurity specialist based in the UK, with 8+ years experience in the tech and cyber sectors. He writes about authentication, password security, password management, and compliance.

Articles written by Marcus White

Aug

12

New hires, old problems: How to reduce password risk during onboarding

The first week of a new job always seems to involve plenty of time with the IT team – especially when onboarding remote employees. Setting up hardware, accesses, and passwords is an essential step. One of the first and most…
Read More
Jul

30

How much are weak passwords costing your organization?

Bad passwords can be a direct and indirect financial drain on any organization. They’re often the weakest link in a security chain, allowing hackers easy access to sensitive systems and data. Cyber-attacks and breaches are the obvious risks, but there…
Read More
Jul

16

[New research] Golf takes gold: Appears in over 40K breached Olympic sport passwords

Today, the Specops research team is publishing new data on end users choosing their sporting hobbies as passwords. Inspired by the Paris 2024 Olympic Games, we’ve looked at breached passwords that contain sports from the global sporting event as a…
Read More
Jul

10

Rockyou2024 analysis: Mega password list or just noise?

Back in June 2021, a large data dump called ‘rockyou2021’ was posted on a popular hacking forum. It was named after the popular password list used in brute-force attacks called ‘Rockyou.txt’ – and it was a pretty big story at…
Read More
Jun

25

Average organization saved $65K in 2023 with self-service password resets

Resetting passwords is a time and resource sink for IT helpdesks – Gartner found 40% of all help desk calls to the service desk are related to password expirations, changes, and resets. However, resets are also a part of life…
Read More
Jun

10

NIS2, passwords, and MFA: Everything you need to know

MFA and password security are key considerations in several regulatory frameworks, and NIS2 is no different. The NIS2 Directive is an important piece of legislation for anyone working in cybersecurity across the European Union. The latest updates to the NIS2…
Read More
Apr

22

Why use passphrases over passwords? | Passphrase best practice guide

A passphrase is a password; it’s simply one that’s made up of random whole words (usually, three, or four). So if a passphrase is just a password, why does it matter which one we enforce end users to create? There’s…
Read More
Mar

26

Secured your Active Directory? EASM is your next password security step.

It’s important to lock down the basics first when it comes to cybersecurity. You could purchase a state-of-the-art security system for your house – but it’s still going to be targeted by criminals if you leave the doors and windows…
Read More
Mar

07

Four ways to make end users love password security (or at least tolerate it).

When end users find their organization’s security measures burdensome or frustrating, it can significantly increase the risk of insider threats. Gartner revealed that 69% of employees have disregarded their organization's cybersecurity guidance in the past year. This doesn’t mean they’re…
Read More
Feb

21

How an ex-employee’s leaked credentials led to a U.S. State Government breach

A U.S. State Government organization’s network was recently compromised through a former employee's administrator account. The organization itself is unnamed, but we know that the threat actor successfully authenticated into an internal virtual private network (VPN) access point using an…
Read More