Kim Jacobson

Enzoic

The Criminal Justice Information Services (CJIS) is the largest division of the FBI. They’re a hub of state-of-the-art tools and services for law enforcement, national security community partners, and the general public. The CJIS Security Policy is regularly updated to evolving industry best practices. Their June 2019 update introduced a ... Read More

Cracking dictionaries are software programs that compile lists of unique words, common passwords, and iterations of common passwords. These words are collected from public domain files from multiple sources and in various formats. With cracking dictionaries, hackers narrow the universe of possible passwords to try. Instead of a brute force ... Read More

Securing Passwords from Create to Retire Organizations are in a non-stop battle to protect their network and meet data security responsibilities in the face of ever-increasing cyberattacks. A key challenge is ensuring that users create secure passwords. Four out of five hacking breaches involve unsafe password practices. In this current ... Read More

Working from home used to seem something of a luxury, reserved for those whose work might not rely on customer interaction or face to face meetings. But since April of this year, the number of people working from home has dramatically increased, due to the risks associated with COVID-19. This ... Read More

When it comes to passwords, individual habits and organizational policies vary widely—unfortunately, the pattern is one of weakness. But organizational online security can be immediately improved by the implementation of a few key principles. Stronger passwords mean that users are keeping themselves safer online—and if users are safer online, it ... Read More

According to Verizon’s recently released 2020 Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials. We analyzed the findings and uncovered some additional data points that underscore how pervasive and detrimental poor password practices are to businesses today. Looking at the ... Read More

Cybersecurity isn’t always a battle to keep hackers out at all costs. Sometimes it’s actually about making the costs just not worth the effort. This is particularly true when it comes to how passwords are stored on your server. Let’s take a look at how to make it more unreasonably ... Read More

National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changing passwords frequently; or requiring users to generate passwords of a specified length. The changes address findings from NIST ... Read More

Password audits have become more difficult. New data breaches expose credentials every day. These are quickly fed into hackers’ cracking dictionaries, changing which passwords you need to keep out. Verizon’s DBIR found 81% of data breaches were caused by compromised, weak, and reused passwords. Traditional algorithmic complexity rules are no ... Read More

Today is World Password Day and despite proclamations that passwords are going the way of the Dodo, they are still a fundamental part of our digital lives. However, they remain a weak link in our approach to cybersecurity and it’s time for us all to rethink how we create and ... Read More