all posts

Hashing: What You Need to Know About Storing Passwords

| | all posts, Password Hardening
Cybersecurity isn’t always a battle to keep hackers out at all costs. Sometimes it’s actually about making the costs just not worth the effort. This is particularly true when it comes to ...
Enzoic

A Brief Summary of NIST Password Guidelines

| | all posts, NIST 800-63b, NIST Password Guidelines
National Institute of Standards and Technology (NIST) has been substantially revising its password guidelines since 2017. Previous recommendations have been changed, including combining symbols, letters, and numeric to create complex passwords; changing ...
Enzoic

Need Help Auditing for Compromised Passwords?

| | all posts
Password audits have become more difficult. New data breaches expose credentials every day. These are quickly fed into hackers’ cracking dictionaries, changing which passwords you need to keep out. Verizon’s DBIR found ...
Enzoic
Identity and Access Management has a Password Problem

Identity and Access Management has a Password Problem

| | Active Directory, all posts, iam, identity and access management
Recent research from Enterprise Management Associates (EMA) found that a staggering 60% of organizations have experienced a security breach in the past year. Digging into the details, the leading source of breaches ...
Enzoic

8 Scary Statistics about the Password Reuse Problem

| | all posts, Continuous Password Protection, Cybersecurity, password reuse
As we rapidly move everything online in response to the global pandemic, this has put passwords front and center again. With the latest Marriott breach, it’s like groundhog day when it comes ...
Enzoic

Employee Account Takeover in the Age of COVID-19

| | , all posts, coronavirus, COVID-19, Cybersecurity, healthcare, insider threats
Account takeover for employees, customers, and users has become a real issue since the COVID-19 outbreak. Here is why that is and what organizations can do about it. Since its discovery in ...
Enzoic

Creating a NIST Password Policy for Active Directory

| | Active Directory, all posts, NIST 800-63b, NIST PASSWORD STANDARDS
NIST recommends rejecting passwords used for online guessing attacks and also eliminating periodic password expiration- unless the password is compromised. While these requirements make sense given current cyber threats, they don’t precisely ...
Enzoic

The Benefits and Drawbacks of Password Complexity Rules

| | Active Directory, all posts, NIST PASSWORD STANDARDS, Password Complexity Rules
In recent years, cybersecurity experts have called into question the usefulness of password complexity rules. Password complexity rules have existed in some form since the internet and email became mainstream. They have ...
Enzoic

Root Passwords: The Root of Password Problems

| | Active Directory, all posts, Common Passwords, Commonly Used Passwords, insider threats, NIST 800-63b, Password Expiration Policy, Root Detection, Root Password Detection
The average online user has over 90 accounts between personal and work accounts that require a password. That is a daunting number of unique passwords to memorize. In an effort to remember ...
Enzoic

Cracking Dictionaries: What You Need to Know

| | all posts, Cracking Dictionaries, Password Dictionaries
Passwords are the standard authentication factor across sites and systems, but how we deal with passwords has changed over time. Today, password hashing is a critical security measure organizations should leverage to ...
Enzoic
Load more