Passwords

Passwords | News, how-tos, features, reviews, and videos

Binary code data flows through the cracked seal of a vault.
A conceptual representation of accessing username and password credentials.

digital circuit-board key amid binary code / hardware key

Making the case for hardware 2FA in the enterprise

Hardware 2FA tokens are the best and cheapest defense against phishing and credential stuffing attacks, but there are some gotchas.

CSO > Password elimination [conceptual password security lock in a trash bin]

The 25 worst passwords of 2019, and 8 tips for improving password security

Blacklist these 25 passwords now and use these tips to improve enterprise password security.

tt20 012 thumb
video

How to choose a password manager

There's plenty of options to pick from when it comes to selecting a password manager. But why should you use one? Do you want something cloud-based or local? CSO Online writer J.M. Porup joins Juliet to discuss the ins and outs of...

Many keys, one lock  >  Brute-force credential stuffing.

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

security policy primary

How to create an effective security policy (and 4 templates to get you started)

Download our ebook that features templates for security policies on passwords, acceptable use, email, access control, BYOD and incident response.

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

2fa explained: How to enable it and how it works

Two-factor authentication (2fa) is a method of establishing access to an online account or computer system that requires the user to provide two different types of information. It can boost security for anyone using any kind of online...

artificial intelligence brain machine learning digital transformation world networking

Is AI fundamental to the future of cybersecurity?

Thanks to the quickening pace of natural language capability development, artificial intelligence will likely be at the forefront of the next wave of cybersecurity tools.

security key password internet azure keyhole

How to set up password policies in Azure AD Password Protection

When was the last time you reviewed your password policy? It's probably time to update, and Microsoft Azure has a good tool to set up and manage that policy.

CSO > Password elimination [conceptual password security lock in a trash bin]

How First Citrus Bank got rid of employee passwords

The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.

6 gotta know ipassword tips reveal password with large type 6

What should your company’s change password policy be?

Microsoft's recent dropping of its maximum password age default renews the debate over forced password changes. Here's why you should continue to expire passwords.

Facebook Data Debacle - Android

Facebook stashing plain text passwords is a wake-up call to improve GRC

Facebook storing hundreds of millions of user passwords in plain text demonstrates the urgent need for more effective governance, risk management and compliance at public companies.

hot and cold fire and ice clash temperature

7 hot cybersecurity trends (and 4 going cold)

Is that security trend hot or not? From tools and technologies to threats, tactics, and training, the numbers don't lie.

login password - user permissions - administrative control

How to protect against poor Windows password practices

Employees will reuse passwords for work systems for their personal online accounts. Here's how to set up multifactor authentication in a Windows environment to reduce the risk of password compromise.

passwords / authentication

Password managers remain an important security tool despite new vulnerability report

Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.

passwords / authentication

The best password advice right now (Hint: It's not the NIST guidelines)

Short and crackable vs. long, complex and prone to reuse? The password debate rages on, but this columnist has a change of mind.

a hand holding a key moves toward an @ symbol with many locks

I can get and crack your password hashes from email

Malicious hackers can use a simple trick to get your Windows computer to authenticate to a remote server that captures your password hash — just by sending you an email. Take these steps to test for the vulnerability.

login password - user permissions - administrative control

Using a password manager: 7 pros and cons

This veteran security pro feels more secure now that he's using a password manager, but there are still risks.

keys authentication

What is the future of authentication? Hint: It’s not passwords, passphrases or MFA

Passphrases and MFA are not password saviors. Ultimately, authentication will rely on algorithms to determine user identity and detect fraudulent actions.

Load More
You Might Also Like