Articles about Passwords

Analysis of exposed dark web assets from SpyCloud finds that the technology sector has the highest number of malware-infected employees and consumers, the highest number of exposed corporate credentials, and the most exposed malware cookie records.

In the analysis of the darknet exposure of employees of Fortune 1000 enterprises across 21 industry sectors, researchers uncovered 27.48 million pairs of credentials with corporate email addresses and plain text passwords, with over 223,000 exfiltrated by malware.

Continue reading →

As another World Password Day rolls around there’s the inevitable debate about whether the days of the password at the front line of security are numbered.

In recent years it has seemed that reports of the password's death have been greatly exaggerated. But as Google extends its rollout of passkey technology it seems that passwords may finally have had their day.

Continue reading →

Every year, World Password Day serves as a reminder that passwords are the first line of defense against an ever-changing threat landscape. However, over the past few years, the notion that passwords actually do little to defend against hackers, has continued to snowball.  

This World Password Day, we asked a group of experts within the cyber security and wider technology field to discuss the topics of password hygiene, best practice, and the notion of a password-less future.

Continue reading →

Tomorrow is World Password Day but Google has chosen today to announce a major step towards ending the need for passwords, introducing support for passkeys across Google Accounts on all major platforms.

Back in December last year, passkey support was introduced to Chrome. Today's announcement means they can now be used across Google Services for a fully passwordless sign-in experience.

Continue reading →

Google has released an important update for its Authenticator app. The latest versions of Google Authenticator for iOS and Android can now synchronize one-time codes to the cloud.

In offering Google Account synchronization, the 2FA tool is now easier to use across multiple devices. This is something Google points out as being useful in the case of a lost or stolen device.

Continue reading →

Despite relatively low awareness of passwordless technology, 65 percent of North American consumers report they’d be open to using new technology that makes their lives simpler.

A new report from 1Password shows that 80 percent say they care about their online privacy and actively take measures to protect it. But it's clear that they also believe we can do better than passwords for both security and ease of use.

Continue reading →

Passwords have been under attack for a long time. Not just by data breachers, but by people writing, ad nauseum, about how passwords are an ineffective means of authentication. And yet, after years of password warnings by IT departments, and plenty of hand wringing over how passwords need to be more complex and how often people should change them, the most used passwords are easily guessable (things like Password123, 123456 and QWERTY).

Still, passwords remain in wide use today, and we are paying for it. According to the Verizon Data Breach Investigations Report (DBIR), 82 percent  of data breaches are due to the "human element." Chief among this element is stolen credentials, which means passwords.

Continue reading →

Cyber insurance has often been seen by business leaders as a monetary guarantee that even if hackers do break into their networks and steal their data, they can still escape financially unscathed.

Yet this premise was recently rocked after Lloyd's of London, the world's biggest insurance syndicate, redefined its policies to no longer cover for nation-state cyberattacks. There are other challenges facing the cyber insurance sector in the year ahead too.

Continue reading →

People have been predicting the end of the password for a very long time, yet they still remain key to securing access to many systems.

Maybe the end is edging just a bit closer though as ForgeRock announces Enterprise Connect Passwordless, a new passwordless authentication solution that eliminates the need for users to interact with passwords inside large organizations.

Continue reading →

People are struggling to recall an ever-growing number of passwords, with 51 percent of respondents to a new study by Entrust saying they reset a password at least once a month because they can't remember it.

Even more alarming, 15 percent of users who responded reset passwords at least once a week. It's no surprise then that given the option between biometrics or a password, 74 percent of respondents will choose biometrics half the time or more and a third will always choose biometrics when available.

Continue reading →

A new study from Specops Software finds that 88 percent of passwords used in successful attacks consisted of 12 characters or less, with the most common being just eight characters (24 percent).

The research, largely compiled through analysis of 800 million breached passwords, finds the most common base terms used in passwords are depressingly familiar: 'password', 'admin', 'welcome' and 'p@ssw0rd'.

Continue reading →

Privileged access management (PAM) solutions are too complex, with 68 percent of organizations paying for features they don't need, according to a new report.

The report from Keeper Security finds 91 percent of organizations employ PAM and 84 percent of global IT leaders say they want to simplify their PAM solutions in 2023.

Continue reading →

In something of a surprising move, Dashlane has made the source code for its password manager publicly available on GitHub.

Published under a Creative Commons Attribution-NonCommercial 4.0 license, the open-sourcing applies to Dashlane's iOS and Android apps. The company says that is made the decision in the name of transparency and trust, and that the projects will be update four times a year -- although this may increase further down the line.

Continue reading →

Passwords are a problem. They are difficult to remember, often easily guessed or cracked, and generally just a pain. Google is looking to help by adding secure, password-free login to Chrome 108 thanks to newly added passkey support.

The security feature is available to users of Windows 11, macOS and Android, and it follows a short period of beta testing. Backed by the likes of the FIDO Alliance, Microsoft, Apple, and -- of course -- Google, passkeys are a step away from the password managers so many of us have become reliant on.

Continue reading →

Although the death of passwords has been predicted for a long time, the move to other forms of authentication has until recently been glacially slow.

The shift to remote working driven by the pandemic has increased interest in securing wider networks and that has put passwordless authentication into the spotlight. We spoke to Tom Bridge, principal product manager at JumpCloud, to find out more about the technology and the benefits it offers.

Continue reading →