There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment.
Why would an attacker take the long, complicated way if they have the keys to the front door?
No matter how extensive your security solutions are, protecting the various systems in your environment, your organization may likely be an easy target without proper password security. An especially vulnerable type of password is a breached password, a.k.a “pwned” password.
What is a breached password? How do you discover breached passwords in your environment? How can organizations effectively protect their end-users from using these types of passwords?
The Danger of Compromised Accounts
The IBM Cost of a Data Breach Report 2020 noted compromised credentials as one of the primary contributors to malicious data breaches in the report’s key findings. It noted:
“Stolen or compromised credentials were the most expensive cause of malicious data breaches. One in five companies (19%) that suffered a malicious data breach was infiltrated due to stolen or compromised credentials, increasing the average total cost of a breach for…
http://feedproxy.google.com/~r/TheHackersNews/~3/aLxdq_Y3IwY/how-organizations-can-prevent-users.html