Blocking compromised passwords: How and why to do it

Advertisement


Passwords are beginning to feel like the zombie that just won’t die. Even after Bill Gates famously called for their demise in 2004, this antiquated form of user verification is still alive and kicking.

Yet, many remain hopeful that passwords will slowly be phased out as the world move towards stronger authentication. That is not the case with corporate America – more than half of U.S. organizations use only passwords to protect their financial information, according to 2017 State of Authentication report. What makes matters worse is that 25% of the U.S. employees reuse their password across personal and business accounts. This poses a significant problem. Cybercriminals can use a compromised personal account password to gain access to business accounts and potentially an entire business network. With 1.4 billion leaked passwords circulating the Dark Web, organizations that allow these passwords in their environments are asking for a breach.

Advertisement