Covers strategies, tools, and policies for managing passwords across enterprise environments. Articles explore centralized credential management, role-based access controls, vault solutions, and organizational policies that reduce password-related vulnerabilities at scale.
posts
The Breach That Started With a Single Reused Password In January 2024, a credential stuffing attack hit genetic testing giant 23andMe, ultimately exposing the personal data of approximately 6.9 million users. The root cause wasn't some exotic zero-day exploit. It was customers reusing passwords they'd
The Breach That Started With "Company2024!" In January 2024, the password "admin" was still the most common credential found in data breaches according to NordPass research. That same year, the Verizon 2024 Data Breach Investigations Report confirmed that stolen credentials were involved in over 77% of
The 24 Billion Stolen Passwords Nobody Talks About In 2022, researchers at Digital Shadows found over 24 billion username-and-password pairs circulating on dark web marketplaces and criminal forums. That number has only grown. If you think your organization's credentials aren't in that pile, I'd
In 2024, a single set of stolen Snowflake credentials led to the breach of over 165 organizations — including Ticketmaster and AT&T — exposing hundreds of millions of customer records. The root cause wasn't some exotic zero-day exploit. It was reused passwords without multi-factor authentication. Every one of
