Comprehensive recommendations for securing passwords across personal and professional accounts. Topics include multi-factor authentication, password manager usage, rotation policies, and avoiding reuse to minimize the risk of unauthorized access.
posts
The Breach That Started With a Single Reused Password In January 2024, a credential stuffing attack hit genetic testing giant 23andMe, ultimately exposing the personal data of approximately 6.9 million users. The root cause wasn't some exotic zero-day exploit. It was customers reusing passwords they'd
The Breach That Started With a Single Reused Password In September 2023, MGM Resorts International lost an estimated $100 million after a threat actor social-engineered their way into systems — and weak credential hygiene played a central role. That incident didn't start with a sophisticated zero-day exploit. It started
The 61% Problem You're Probably Ignoring The 2021 Verizon Data Breach Investigations Report found that 61% of all breaches involved credential data. Not sophisticated zero-day exploits. Not nation-state malware. Stolen, weak, or reused passwords. That single statistic should reshape how your organization thinks about password security best practices
The Breach That Started With a Single Reused Password In December 2020, the SolarWinds breach dominated every security headline on the planet. But while the world fixated on nation-state threat actors and supply chain attacks, I kept thinking about a detail that emerged early: a SolarWinds intern had reportedly set
The 24 Billion Stolen Passwords Nobody Talks About In 2022, researchers at Digital Shadows found over 24 billion username-and-password pairs circulating on dark web marketplaces and criminal forums. That number has only grown. If you think your organization's credentials aren't in that pile, I'd
