Passwords
Passwords | News, how-tos, features, reviews, and videos
How passkeys are changing authentication
Well-implemented passkeys can improve the user experience and make it harder for cybercriminals to launch phishing and other attacks.
Why it might be time to consider using FIDO-based authentication devices
Access codes sent by SMS or authenticator apps can be bypassed by clever phishing. Hardware-based tokens make that harder to do.
Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan
Password manager vendor releases new credential security and support service features, along with a new low-cost option for small businesses.
12 famous passwords used through the ages
Passwords seem like a recent thing, but they've been in use for a long time. Here are a dozen of the more memorable ones.
Dashlane launches integrated passkey support for password manager with new in-browser passkey solution
Dashlane's passkey support allows users to authenticate to their password vaults without a password.
Passwordless company claims to offer better password security solution
Stytch's business is getting rid of passwords so why is it trying to "modernize" their use?
Apple, Google, Microsoft expand support for FIDO passwordless sign-in standard
The tech giants commit to expanded support for FIDO passwordless standard that the firms say will allow faster, easier and more secure sign-ins across leading devices and platforms.
7 hot cybersecurity trends (and 2 going cold)
Is that security trend hot or not? From tools and technologies to threats and tactics, the numbers don't lie.
Consumers are done with passwords, ready for more innovative authentication
Surveys indicate that consumers are becoming more open to biometrics and multi-factor authentication.
Rainbow tables explained: How they work and why they're (mostly) obsolete
Rainbow tables are password cracking tools with origins dating back to research from the early 1980s. Here's how they work, why attacks are easy to prevent, and how they compare to modern password cracking.
4 tips to prevent easy attacker access to Windows networks
The Colonial Pipeline attackers likely got in using old, compromised VPN credentials. This advice will force attackers to work much harder.
Credential stuffing explained: How to prevent, detect, and defend against it
Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts.
![CSO > Password elimination [conceptual password security lock in a trash bin]](https://images.idgesg.net/images/article/2019/06/cso_password_elimination_abstract_passwords_by_bluebay2014_gettyimages-924698706_trashed_security_lock_in_garbage_can_by_porcorex_gettyimages-916512456_2400x1600-100798132-small.3x2.jpg?auto=webp&quality=85,70)
The password hall of shame (and 10 tips for better password security)
Banish these common passwords now and employ these tips for better password security.
Tips to improve domain password security in Active Directory
Follow this advice to better secure domain passwords in a Microsoft environment.
How to reset Kerberos account passwords in an Active Directory environment
A regular reset of the KRBTGT account password will help prevent golden ticket attacks that allow wide unauthorized access to your network.
Tech Primer
What it takes to become an information assurance analyst
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...
Tech Primer
Fraud prevention: Improving internal controls
Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.
Tech Primer
How to write an information security policy
Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.