Tag

Multi-Factor Authentication

Posts tagged with multi-factor authentication explain how layered identity verification strengthens access security. Coverage includes MFA implementation strategies, authenticator app comparisons, hardware token options, and best practices for deploying MFA across enterprise environments.

posts

Password Security Best Practices

Password Security Best Practices That Actually Work

The Breach That Started With a Single Reused Password In September 2023, MGM Resorts International lost an estimated $100 million after a threat actor social-engineered their way into systems — and weak credential hygiene played a central role. That incident didn't start with a sophisticated zero-day exploit. It started

Carl B. Johnson Jan 22, 2024 6 min read
Strong Passwords

How to Create a Strong Password That Actually Stops Hackers

In September 2023, a credential stuffing attack against 23andMe exposed the personal data of nearly 7 million users. The root cause wasn't some exotic zero-day exploit. It was reused, weak passwords. Attackers took credentials leaked from other breaches, tried them on 23andMe accounts, and walked right in. That&

Carl B. Johnson Jan 22, 2024 7 min read
Password Manager Benefits

Password Manager Benefits That Stop 80% of Breaches

The Breach That Started With "Company123!" In September 2023, MGM Resorts lost an estimated $100 million after a threat actor used social engineering to compromise employee credentials. The attack didn't require some sophisticated zero-day exploit. It started with identity — with passwords and people. And it'

Carl B. Johnson Jan 22, 2024 7 min read
Multi-Factor Authentication

Multi-Factor Authentication Setup: A Practical Guide

In September 2023, MGM Resorts lost an estimated $100 million after a threat actor bypassed their security by socially engineering a helpdesk employee into resetting MFA credentials. Let that sink in. The company had multi-factor authentication. It still wasn't enough — because the multi-factor authentication setup and the processes

Carl B. Johnson Jan 20, 2024 7 min read
Password Hygiene Tips

Password Hygiene Tips That Actually Stop Breaches

The 23andMe Breach Started With Recycled Passwords In October 2023, genetic testing company 23andMe confirmed that attackers accessed roughly 6.9 million user profiles. The method wasn't some exotic zero-day exploit. It was credential stuffing — threat actors took username and password combinations leaked from other breaches and simply

Carl B. Johnson Jan 20, 2024 7 min read
Strong Passwords

Strong Password Examples That Actually Stop Hackers

The Password That Cost One Company $4.4 Billion In 2017, Equifax suffered a breach that exposed 147 million records and eventually cost the company over $4 billion in total losses and settlements. One of the contributing factors? Weak internal credential management. The admin username and password for a critical

Carl B. Johnson Dec 11, 2023 7 min read
Zero Trust

What Is Zero Trust? A Practical Guide for 2024

In January 2023, T-Mobile disclosed that a threat actor had been siphoning data from 37 million customer accounts since November 2022 — through a single exploited API. The attacker moved laterally for weeks without triggering alarms. If you've ever wondered what is zero trust and why the entire industry

Carl B. Johnson Dec 09, 2023 7 min read
Zero Trust Implementation

Zero Trust Implementation: A Practical Guide for 2024

The Breach That Proved Perimeter Security Is Dead In January 2023, T-Mobile disclosed that a threat actor had been siphoning data from 37 million customer accounts since late November 2022 — by exploiting a single API. The attacker was already inside the network, moving laterally, harvesting names, emails, phone numbers, and

Carl B. Johnson Dec 07, 2023 8 min read