1Password launches tool to guard against credential stuffing
Reuse of the same or similar passwords across accounts makes life easier for cybercriminals as they are able to try multiple servers using credentials exposed in breaches -- so called 'credential stuffing'.
Enterprise password manager 1Password is launching a new reporting tool for its users that allows them to swiftly identify compromised accounts and take action to protect the enterprise by alerting users to create new secure passwords.
IT administrators enrolled in 1Password Business and 1Password Teams can quickly create a domain breach report which checks all company email addresses against a list of nearly 10 billion compromised accounts provided by HaveIBeenPwned.com. The report identifies all company email addresses which have been caught in data breaches and provides details about each breach so that the IT team can take corrective action. Administrators can notify employees and direct them to create new secure passwords for affected accounts.
"Our domain breach report is designed to help IT better support every user in the enterprise," says Matt Davey, chief operating officer at 1Password. "Rather than forcing employees and IT alike to go through frustrating blunt-force security processes like company-wide automated password resets, our partnership means IT can intercede surgically, reaching out directly to affected employees when they know there's a real threat. This launch supports our mission to help IT departments in the never-ending challenge to protect the enterprise against credential-stuffing attacks and promote healthy password habits, all while helping workers to get more done."
A 1Password survey of 2,100 workers found that one-third of respondents reuse memorable passwords for new accounts and nearly half use a pattern of similar passwords.
1Password users can access the data breach report tool now, you can find out more on the company's site.