In passwords, this is a cryptographic method that lets users prove they know their own password without any need to transmit their actual credentials. Specops Password Policy integrates with your Active Directory to continuously block a growing database of more than 4 billion compromised passwords, while preventing users from creating weak passwords and scanning for passwords that have been compromised or breached. Passwords will remain a key security element for most organizations, with additional authentication methods used to enhance defenses. Unlike standard passwords, which are often short and complex, passphrases consist of multiple words strung together, creating a longer but more memorable authentication method. Many of these techniques have been available for some time, yet passwords remain the foundation of online security, used daily by consumers and businesses across the globe. And there’s plenty more evidence of password vulnerabilities: Verizon’s Data Breach Investigations Report (DBIR) 2024 found that stolen credentials were the top action leading to a breach. Passkeys are resistant to credential stuffing and phishing attacks because the private key used for authentication is securely stored on users' devices and never shared with websites or transmitted over the internet. Our new Specops Breached Password Report found that of one billion stolen credentials, almost a quarter met standard complexity requirements – and still the criminals broke through. These stolen passwords – 230 million of them – met all the requirements of their organization, including more than eight characters, one capital letter, a special character and a number. The key is therefore to ensure your passwords are as robust as possible, no matter what technology you use to enhance your security.
Authentication technologies will continue to advance, but you’ll always need to stay on top of your passwords. The optimum approach isn’t to choose between passwords and some other form of security. Biometric authentication uses a person’s physical attributes to confirm their identity: for example, fingerprints, facial recognition, iris scans, etc. Security keys are resistant to attacks as they not only require access to the physical device but also the biometrics and PIN required to authenticate the login. Passkeys are phishing-resistant alternatives to passwords that have been growing in popularity over the last couple of years. Instead, we should embrace the advantages of new technologies, while retaining the convenience and security of passwords. The solution is to opt for the best of both worlds by building multi-factor authentication, going beyond two-factor authentication to build in as many layers of security as possible. Many of us have moved beyond passwords alone for online security, and it’s not hard to see why. Security keys are physical devices, usually USB, NFC, or Bluetooth, that are most commonly used for multi-factor authentication (MFA). After entering a password, users tap the security key or enter a PIN to verify their identity, which allows the user to log in to the site or application. And if the system is compromised, you can’t just reset biometric data like you would a password. However, there remain questions around the possible cost of storing passwords on blockchain ledgers like Bitcoin.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 26 Mar 2025 15:20:23 +0000