Passwords

Passwords | News, how-tos, features, reviews, and videos

A large 'X' marks a conceptual image of a password amid hexadecimal code.
Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.

security access / authorization / login credentials / username / password / mobile phone

8 steps to protecting login credentials

Follow this advice to help users and network admins to better protect login credentials to corporate systems.

Binary code data flows through the cracked seal of a vault.

John the Ripper explained: An essential password cracker for your hacker toolkit

One of the oldest password cracking and testing tools, John the Ripper is still an essential pen testing tool.

A conceptual representation of accessing username and password credentials.

Hashcat explained: How this password cracker works

Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies. At its most basic level, hashcat guesses a password, hashes it, and then compares the resulting...

digital circuit-board key amid binary code / hardware key

Making the case for hardware 2FA in the enterprise

Hardware 2FA tokens are the best and cheapest defense against phishing and credential stuffing attacks, but there are some gotchas.

CSO > Password elimination [conceptual password security lock in a trash bin]

The 25 worst passwords of 2019, and 8 tips for improving password security

Blacklist these 25 passwords now and use these tips to improve enterprise password security.

tt20 012 thumb
video

How to choose a password manager

There's plenty of options to pick from when it comes to selecting a password manager. But why should you use one? Do you want something cloud-based or local? CSO Online writer J.M. Porup joins Juliet to discuss the ins and outs of...

Many keys, one lock  >  Brute-force credential stuffing.

Credential stuffing explained: How to prevent, detect and defend against it

The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder for them to use credential stuffing.

security policy primary

How to create an effective security policy (and 4 templates to get you started)

Download our ebook that features templates for security policies on passwords, acceptable use, email, access control, BYOD and incident response.

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

2fa explained: How to enable it and how it works

Two-factor authentication (2fa) is a method of establishing access to an online account or computer system that requires the user to provide two different types of information. It can boost security for anyone using any kind of online...

artificial intelligence brain machine learning digital transformation world networking

Is AI fundamental to the future of cybersecurity?

Thanks to the quickening pace of natural language capability development, artificial intelligence will likely be at the forefront of the next wave of cybersecurity tools.

security key password internet azure keyhole

How to set up password policies in Azure AD Password Protection

When was the last time you reviewed your password policy? It's probably time to update, and Microsoft Azure has a good tool to set up and manage that policy.

CSO > Password elimination [conceptual password security lock in a trash bin]

How First Citrus Bank got rid of employee passwords

The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.

6 gotta know ipassword tips reveal password with large type 6

What should your company’s change password policy be?

Microsoft's recent dropping of its maximum password age default renews the debate over forced password changes. Here's why you should continue to expire passwords.

Facebook Data Debacle - Android

Facebook stashing plain text passwords is a wake-up call to improve GRC

Facebook storing hundreds of millions of user passwords in plain text demonstrates the urgent need for more effective governance, risk management and compliance at public companies.

hot and cold fire and ice clash temperature

7 hot cybersecurity trends (and 4 going cold)

Is that security trend hot or not? From tools and technologies to threats, tactics, and training, the numbers don't lie.

login password - user permissions - administrative control

How to protect against poor Windows password practices

Employees will reuse passwords for work systems for their personal online accounts. Here's how to set up multifactor authentication in a Windows environment to reduce the risk of password compromise.

passwords / authentication

Password managers remain an important security tool despite new vulnerability report

Experts downplay discovery of a vulnerability that can expose passwords in a computer's memory. Hackers likely to take easier paths to stealing passwords.

passwords / authentication

The best password advice right now (Hint: It's not the NIST guidelines)

Short and crackable vs. long, complex and prone to reuse? The password debate rages on, but this columnist has a change of mind.

Load More
You Might Also Like