Articles about Passwords

Despite relatively low awareness of passwordless technology, 65 percent of North American consumers report they’d be open to using new technology that makes their lives simpler.

A new report from 1Password shows that 80 percent say they care about their online privacy and actively take measures to protect it. But it's clear that they also believe we can do better than passwords for both security and ease of use.

Continue reading →

Passwords have been under attack for a long time. Not just by data breachers, but by people writing, ad nauseum, about how passwords are an ineffective means of authentication. And yet, after years of password warnings by IT departments, and plenty of hand wringing over how passwords need to be more complex and how often people should change them, the most used passwords are easily guessable (things like Password123, 123456 and QWERTY).

Still, passwords remain in wide use today, and we are paying for it. According to the Verizon Data Breach Investigations Report (DBIR), 82 percent  of data breaches are due to the "human element." Chief among this element is stolen credentials, which means passwords.

Continue reading →

Cyber insurance has often been seen by business leaders as a monetary guarantee that even if hackers do break into their networks and steal their data, they can still escape financially unscathed.

Yet this premise was recently rocked after Lloyd's of London, the world's biggest insurance syndicate, redefined its policies to no longer cover for nation-state cyberattacks. There are other challenges facing the cyber insurance sector in the year ahead too.

Continue reading →

People have been predicting the end of the password for a very long time, yet they still remain key to securing access to many systems.

Maybe the end is edging just a bit closer though as ForgeRock announces Enterprise Connect Passwordless, a new passwordless authentication solution that eliminates the need for users to interact with passwords inside large organizations.

Continue reading →

People are struggling to recall an ever-growing number of passwords, with 51 percent of respondents to a new study by Entrust saying they reset a password at least once a month because they can't remember it.

Even more alarming, 15 percent of users who responded reset passwords at least once a week. It's no surprise then that given the option between biometrics or a password, 74 percent of respondents will choose biometrics half the time or more and a third will always choose biometrics when available.

Continue reading →

A new study from Specops Software finds that 88 percent of passwords used in successful attacks consisted of 12 characters or less, with the most common being just eight characters (24 percent).

The research, largely compiled through analysis of 800 million breached passwords, finds the most common base terms used in passwords are depressingly familiar: 'password', 'admin', 'welcome' and 'p@ssw0rd'.

Continue reading →

Privileged access management (PAM) solutions are too complex, with 68 percent of organizations paying for features they don't need, according to a new report.

The report from Keeper Security finds 91 percent of organizations employ PAM and 84 percent of global IT leaders say they want to simplify their PAM solutions in 2023.

Continue reading →

In something of a surprising move, Dashlane has made the source code for its password manager publicly available on GitHub.

Published under a Creative Commons Attribution-NonCommercial 4.0 license, the open-sourcing applies to Dashlane's iOS and Android apps. The company says that is made the decision in the name of transparency and trust, and that the projects will be update four times a year -- although this may increase further down the line.

Continue reading →

Passwords are a problem. They are difficult to remember, often easily guessed or cracked, and generally just a pain. Google is looking to help by adding secure, password-free login to Chrome 108 thanks to newly added passkey support.

The security feature is available to users of Windows 11, macOS and Android, and it follows a short period of beta testing. Backed by the likes of the FIDO Alliance, Microsoft, Apple, and -- of course -- Google, passkeys are a step away from the password managers so many of us have become reliant on.

Continue reading →

Although the death of passwords has been predicted for a long time, the move to other forms of authentication has until recently been glacially slow.

The shift to remote working driven by the pandemic has increased interest in securing wider networks and that has put passwordless authentication into the spotlight. We spoke to Tom Bridge, principal product manager at JumpCloud, to find out more about the technology and the benefits it offers.

Continue reading →

As global problems spill over into the digital realm and hybrid working has taken hold, businesses are increasingly looking beyond the password in order to secure accounts.

The latest Trusted Access Report from Cisco company Duo shows a 50 percent increase in the percentage of accounts allowing WebAuthn passwordless authentication and a fivefold increase in WebAuthn usage since April 2019.

Continue reading →

Although we've been told for years that their days are numbered, passwords are still a major part of our security defenses.

New research from Rapid7 looks at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.

Continue reading →

A new survey of over 300 IT professionals with responsibility for workforce identities and their security in large organizations shows that 87 percent expect passwordless solutions will become the leading approach to secure workforce identities within five years.

The study by Dimensional Research for Secret Double Octopus looks at perceptions and adoption of newer FIDO2-certified enterprise passwordless solutions, and the impact of single sign-on portal and endpoint biometric-based 'passwordless-like' experiences.

Continue reading →

Google has announced today that it's bringing passkey support to both Chrome and Android. Passkeys offer a significantly safer replacement for passwords and other phishable authentication factors and mark another step towards a passwordless future.

If you're unfamiliar with passkeys, they're a joint initiative from Apple, Google, and Microsoft. Unlike a password the key is stored exclusively on your devices and never gets shared with anyone else.

Continue reading →

In what was a far-sighted move back in 2004, the President of the United States and Congress declared October to be Cybersecurity Awareness Month, dedicated to helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

This has now become a regular event on the calendar and the theme of this year's campaign is 'See Yourself in Cyber', aiming to underline the fact that cybersecurity is ultimately about people rather than technology.

Continue reading →