Articles about Passwords

As global problems spill over into the digital realm and hybrid working has taken hold, businesses are increasingly looking beyond the password in order to secure accounts.

The latest Trusted Access Report from Cisco company Duo shows a 50 percent increase in the percentage of accounts allowing WebAuthn passwordless authentication and a fivefold increase in WebAuthn usage since April 2019.

Continue reading →

Although we've been told for years that their days are numbered, passwords are still a major part of our security defenses.

New research from Rapid7 looks at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.

Continue reading →

A new survey of over 300 IT professionals with responsibility for workforce identities and their security in large organizations shows that 87 percent expect passwordless solutions will become the leading approach to secure workforce identities within five years.

The study by Dimensional Research for Secret Double Octopus looks at perceptions and adoption of newer FIDO2-certified enterprise passwordless solutions, and the impact of single sign-on portal and endpoint biometric-based 'passwordless-like' experiences.

Continue reading →

Google has announced today that it's bringing passkey support to both Chrome and Android. Passkeys offer a significantly safer replacement for passwords and other phishable authentication factors and mark another step towards a passwordless future.

If you're unfamiliar with passkeys, they're a joint initiative from Apple, Google, and Microsoft. Unlike a password the key is stored exclusively on your devices and never gets shared with anyone else.

Continue reading →

In what was a far-sighted move back in 2004, the President of the United States and Congress declared October to be Cybersecurity Awareness Month, dedicated to helping individuals protect themselves online as threats to technology and confidential data become more commonplace.

This has now become a regular event on the calendar and the theme of this year's campaign is 'See Yourself in Cyber', aiming to underline the fact that cybersecurity is ultimately about people rather than technology.

Continue reading →

While software-based password managers are incredibly popular these days, it is still terrifyingly common to find that people store passwords on sticky notes attached to their monitor. A slightly more up to date means of recording passwords is to type them into a text document, and this is something Microsoft is seeking to discourage with the latest update to Windows 11.

With Window 11 2022 Update, the company added a new enhanced phishing protection feature of Microsoft Defender Smartscreen. This security feature can, among other things, issue a warning if it detects that you are entering one of your passwords into a document or, for that matter, a potentially insecure website. The feature is not enabled by default, so here's how to bolster your security.

Continue reading →

A new report from 1Password reveals that 43 percent of employees admit to risky online behaviors such as sharing logins, offloading tasks to others, or even abandoning certain tasks altogether to circumvent complicated login procedures.

Having to remember multiple logins heightens stress levels and strains mental health according to 41 percent of respondents. While 37 percent say that the onboarding process at their current job was time-consuming, confusing or challenging when it came to logging into work-related accounts.

Continue reading →

The average US business faces around three successful cyberattacks each year, and while most agree that attacks are set to increase, 32 percent still lack a management platform for IT secrets, like API keys, database passwords and privileged credentials, posing a significant risk to organizational security.

A new US Cybersecurity Census Report from Keeper Security shows most organizations think they're prepared to fend off cyberattacks, with 64 percent of respondents rating their preparedness at least an eight on a 10-point scale and 28 percent rating themselves as a 10/10.

Continue reading →

Verizon recently released its 2022 Data Breach Investigations Report, giving businesses vital insights into the state of cybersecurity around the world. Containing an analysis of over 23,000 incidents and 5,200 confirmed breaches over 15 years, Verizon attributes the number-one motive of cyberattacks to financial gain. Almost four out of five breaches were attributable to organized crime seeking to extort businesses of hefty ransomware sums, backed by insurance pay-out.

Verizon has also estimated that there has been a 13 percent increase in ransomware breaches -- this is more than in the last 5 years combined. Additionally, 82 percent of cyber breaches involved a human element, namely through stolen credentials, phishing, misuse or simply an error.

Continue reading →

In order to keep your wireless network(s) safe from intruders you are encouraged to change the default passwords, replacing them with long, impossible to guess choices. That’s great from a security point of view, but it can be nightmare if you forget or mislay them.

Thankfully, your devices will store the logins for all of the wireless networks you connect to -- including those for hotels, airports and coffee shops -- but it’s not that obvious how to view this information.

Continue reading →

New research from Specops Software finds major cybersecurity weaknesses in popular web services including Shopify, Zendesk, Trello, and Stack Overflow.

The study shows several popular business web applications have failed to implement critical password and authentication requirements to protect customers from cybercrime.

Continue reading →

The Fast Identity Online (FIDO) Alliance -- a group of technology companies including Apple, Google and Microsoft -- recently announced its commitment to supporting passwordless authentication across its products. FIDO’s plans have been in place for nearly a decade and work started long ago on a system that lets users log in to their online accounts without a password but instead with a PIN, biometric, iris scan or with voice recognition.

FIDO’s approach is expected to be implemented across Apple, Google and Microsoft platforms later this year and FIDO believes this will provide better protection over legacy multi-factor authentication and better protection against malicious phishing attacks.

Continue reading →

As long ago as 2004 no less a figure than Bill Gates was predicting the death of the password. But here we are almost 20 years on and passwords are still the primary authentication method.

So passwords look set to be with us for a while yet, however, 90 percent of internet users are worried about getting their passwords hacked. Cybersecurity company Ping Identity has been looking at passwords and how to use them safely for both businesses and consumers.

Continue reading →

A new study finds that 26 percent of UK respondents admit to not using strong and unique passwords for their various work applications.

Worse still, the report, from MFA provider Beyond Identity, shows 11 percent never change their work password, while almost a quarter (24 percent) maintain the same personal passwords.

Continue reading →

As we mark World Password Day, three of the major technology players are announcing a significant step on the road to a passwordless future.

Over the next year Google plans to implement passwordless support in Android and Chrome. Apple and Microsoft have also announced that they will offer support in iOS, MacOS, Safari, Windows and Edge.

Continue reading →