Passwords

Passwords | News, how-tos, features, reviews, and videos

A large 'X' marks a conceptual image of a password amid hexadecimal code.
Feature

Is now the time to deploy passwordless options?

Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.
Feature

What is a dictionary attack? And how you can easily stop them

security access / authorization / login credentials / username / password / mobile phone
Feature

8 steps to protecting login credentials

Follow this advice to help users and network admins to better protect login credentials to corporate systems.

Binary code data flows through the cracked seal of a vault.
Feature

John the Ripper explained: An essential password cracker for your hacker toolkit

One of the oldest password cracking and testing tools, John the Ripper is still an essential pen testing tool.

A conceptual representation of accessing username and password credentials.
Feature

Hashcat explained: How this password cracker works

Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies. At its most basic level, hashcat guesses a password, hashes it, and then compares the resulting...

digital circuit-board key amid binary code / hardware key
Feature

Making the case for hardware 2FA in the enterprise

Hardware 2FA tokens are the best and cheapest defense against phishing and credential stuffing attacks, but there are some gotchas.

CSO > Password elimination [conceptual password security lock in a trash bin]
Feature

The 25 worst passwords of 2019, and 8 tips for improving password security

Blacklist these 25 passwords now and use these tips to improve enterprise password security.

tt20 012 thumb
video

How to choose a password manager

There's plenty of options to pick from when it comes to selecting a password manager. But why should you use one? Do you want something cloud-based or local? CSO Online writer J.M. Porup joins Juliet to discuss the ins and outs of...

Many keys, one lock > Brute-force credential stuffing.
Feature

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

security policy primary
How-To

How to create an effective security policy (and 4 templates to get you started)

Download our ebook that features templates for security policies on passwords, acceptable use, email, access control, BYOD and incident response.

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code
Feature

2fa explained: How to enable it and how it works

Two-factor authentication (2fa) is a method of establishing access to an online account or computer system that requires the user to provide two different types of information. It can boost security for anyone using any kind of online...

artificial intelligence brain machine learning digital transformation world networking
The Future of SecurityBy

Is AI fundamental to the future of cybersecurity?

Thanks to the quickening pace of natural language capability development, artificial intelligence will likely be at the forefront of the next wave of cybersecurity tools.

security key password internet azure keyhole
How-To

How to set up password policies in Azure AD Password Protection

When was the last time you reviewed your password policy? It's probably time to update, and Microsoft Azure has a good tool to set up and manage that policy.

CSO > Password elimination [conceptual password security lock in a trash bin]
Feature

How First Citrus Bank got rid of employee passwords

The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.

6 gotta know ipassword tips reveal password with large type 6
Feature

What should your company’s change password policy be?

Microsoft's recent dropping of its maximum password age default renews the debate over forced password changes. Here's why you should continue to expire passwords.

Facebook Data Debacle - Android
The Security Of IdentityBy

Facebook stashing plain text passwords is a wake-up call to improve GRC

Facebook storing hundreds of millions of user passwords in plain text demonstrates the urgent need for more effective governance, risk management and compliance at public companies.

hot and cold fire and ice clash temperature
Feature

7 hot cybersecurity trends (and 4 going cold)

Is that security trend hot or not? From tools and technologies to threats, tactics, and training, the numbers don't lie.

login password - user permissions - administrative control
How-To

How to protect against poor Windows password practices

Employees will reuse passwords for work systems for their personal online accounts. Here's how to set up multifactor authentication in a Windows environment to reduce the risk of password compromise.

passwords / authentication
News Analysis

Password managers remain an important security tool despite new vulnerability report

Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.

passwords / authentication
Opinion

The best password advice right now (Hint: It's not the NIST guidelines)

Short and crackable vs. long, complex and prone to reuse? The password debate rages on, but this columnist has a change of mind.

Load More
You Might Also Like
Popular Resources
See All
Most Popular