Collaborate Disseminate
One of the most effective ways to increase the strength of your network’s security is to screen users’ passwords against a list of dictionary passwords and known compromised passwords. Password vulnerabilities remain a major entry point for hackers. Ov… Continue reading Password Blacklists: Applying the Goldilocks Principle
How Hackers Are Actually Using Exposed Passwords to Infiltrate Active Directory Recent reports like the Verizon DBIR have noted that stolen credentials are often the foothold that attackers use to compromise networks and systems. A simple phishing or c… Continue reading From Stolen Credentials to Full Network Compromise
National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changin… Continue reading A Brief Summary of NIST Password Guidelines
Earlier today, news broke that unknown activists have posted nearly 25,000 credentials belonging to the National Institutes of Health, the World Health Organization, the Gates Foundation and other organizations engaged in the fight against the coronavi… Continue reading Exposure of NIH, WHO, and Gates Foundation Credentials Underscores the Critical Importance of Credential Screening
NIST’s latest password guidelines focus less on length and complexity of secrets and more on other measures such as 2FA, throttling, and blacklists. Continue reading Proposed NIST Password Guidelines Soften Length, Complexity Focus