Non-compliant and compromised passwords represent some of the weakest links and greatest threats to online security for both individuals and organizations today. Hackers steal credentials for profit using various techniques ranging from online and offline brute force, dictionary, and keylogger attacks to scanning cloud resources for exposed and forgotten credentials left on publicly accessible servers.
While setting strict password policies and educating end-users on credential best practices may reduce the chances of a cyberattack, over 80 percent of hacking-related data breaches still involve brute force or the use of lost, stolen, or compromised passwords, according to the 2020 Verizon Data Breach Investigations Report. Moreover, new research from Carnegie Mellon University’s Security and Privacy Institute (CyLab) found that only one-third of users change their passwords following a data breach announcement. ...read more!