Constella Intelligence research reveals that one in four cybersecurity leaders use the same passwords for both work and personal use; more than half experience account takeover first-hand
May 21, 2021
Constella Intelligence (“Constella”), Digital Risk Protection leader, released the results of “Cyber Risk in Today’s Hyperconnected World,” a survey that unlocks the behaviors and tendencies that characterize how vigilant organizations’ leaders are when it comes to reducing cyber vulnerability, allowing the industry to better understand how social media is leveraged as an attack vector and how leaders are responding to this challenge.
While cybersecurity attack methods are rapidly evolving, it's more often than not a misuse of administrative privileges and weak or stolen credentials that are enough to breach any critical infrastructure. Let's take the attack on the water treatment plant for example—all it took for the unidentified perpetrator was one unprotected password to access and handle the control systems remotely. Time and again, incidents like this prove that when passwords are stored in secure vaults and are subject to standard security practices, the chances of getting hacked are far lower.
Thursday, May 6 is World Password Day, a day dedicated to promoting safer password practices. Strong password management has been especially important as cyberattacks have skyrocketed since the onset of the pandemic and the switch to remote work. Here, security executives share their insight and tips on how to create and promote safer password practices in the enterprise and among employees.
According to Transmit Security’s State of Customer Authentication report, 55% of consumers have stopped using a website because of the login process and more than 87% have been locked out of an online account because of an error-ridden password process.
March 30, 2021
Transmit Security has released “The Impact of Passwords on Your Business,” a State of Customer Authentication report that includes customer experience insights based on its survey of 600 U.S. consumers. According to the report findings, organizations are losing potential customers and a substantial amount of revenue due to their dependency on traditional password systems and outdated customer authentication models.
While password spraying results in the infiltration of many accounts every year, it’s also one of the easiest attacks for cyber-aware employees to thwart. In other words, password spraying needs to be a top consideration for any successful cybersecurity platform.
GitGuardian announced the results of its 2021 State of Secrets Sprawl on GitHub report. The report, which is based on GitGuardian’s constant monitoring of every single commit pushed to public GitHub, indicates an alarming growth of 20% year-over-year in the number of secrets found. A growing volume of sensitive data - or secrets – such as API keys, private keys, certificates, username and passwords end up publicly exposed on GitHub, putting corporate security at risk as the vast majority of organizations are either ignoring the problem or poorly equipped to cope with it.
In order to report on how secure the average American’s password is, the Safety.com research team conducted a survey of 1,210 US residents about the length and complexity of their passwords: 67.3% of survey respondents said their average password was equal to or less than eight characters long; 7.8% of respondents said their average password was less than five characters long; 19.3% of respondents said their average password was fifteen characters or more; Adults younger than 25 and older than 55 were amongst the groups with the shortest passwords.
With mobile usage a dominant channel going forward, authentication techniques need to move beyond two steps forward for authentication and one step backward for user experience. Just as passwords are being discarded because of the high friction they create for users, new multi-factor authentication techniques are moving in.