Tag: Password security
November 29, 2024 |
A Comprehensive Look into Password Attacks and How to Stop Them
There are some things you want to keep private such as your bank account number, government ID number, etc. In the digital age, that includes the passwords that protect these accounts because once your account credentials are compromised, cybercriminals can get that information. That is why...
November 15, 2023 |
The Ultimate Guide to Password Best Practices: Guarding Your Digital Identity
In the wake of escalating cyber-attacks and data breaches, the ubiquitous advice of "don't share your password" is no longer enough. Passwords remain the primary keys to our most important digital assets, so following password security best practices is more critical than ever. Whether you're...
January 27, 2023 |
Tips for Better Password Management
Even as more advanced forms of authentication, such as biometrics, are developed and implemented, passwords continue to be a commonly used form of authentication. This is partly due to the fact that they are relatively simple to implement and require little infrastructure to support. However, the...
November 3, 2022 |
Cracking Active Directory Passwords with AS-REP Roasting
One critical way that attackers gain access to an IT environment and escalate their privileges is by stealing user password hashes and cracking them offline. We covered a method for harvesting service account passwords in our post on Kerberoasting. Here we will explore a technique that works...
October 27, 2022 |
Attacking Local Account Passwords
Learning how attackers target weak domain account passwords is not enough for Active Directory security. Let’s look beyond domain accounts and understand the ways adversaries attack local accounts on Windows servers and desktops. For this post, we will focus on the most important local account:...
October 13, 2022 |
Securing Your Group Managed Service Accounts
Group Managed Service Accounts Overview
The traditional practice of using regular user accounts as service accounts puts the burden of password management on users. As a result, the account passwords often stay the same for years — which leaves them highly susceptible to brute force attacks and...
October 11, 2022 |
WDigest Clear-Text Passwords: Stealing More than a Hash
What is WDigest?
Digest Authentication is a challenge/response protocol that was primarily used in Windows Server 2003 for LDAP and web-based authentication. It utilizes Hypertext Transfer Protocol (HTTP) and Simple Authentication Security Layer (SASL) exchanges to authenticate.
At a high...
September 8, 2022 |
Passwordless Authentication with Windows Hello for Business
Passwords are everywhere — and nobody likes them. For users, they are a pain to remember and manage. For businesses, they continue to be a primary source of data breaches, both on premises and in the cloud. In fact, the 2022 Verizon DBIR reports that credential theft was involved in nearly half...
September 6, 2022 |
Finding Weak Passwords in Active Directory
Knowing the credentials for any user account in your network gives an adversary significant power. After logging on as a legitimate user, they can move laterally to other systems and escalate their privileges to deploy ransomware, steal critical data, disrupt vital operations and more.
Most...
February 1, 2022 |
HIPAA Password Requirements
The healthcare industry faces a plethora of serious cybersecurity risks. Indeed, 2021 saw a record number of major health data breaches in the U.S. — the breach notification portal of the U.S. Department of Health and Human Services lists at least 713 incidents affecting 45.7 million...