Passwords are the foundations of our digital identity, which makes them rich targets for cyber criminals. With the right password, a hacker can accomplish all sorts of nefarious tasks, including theft, fraud and impersonation. So how exactly do hackers manage to make off with our passwords, and what can be done to stop them?
In this episode, we discuss the methods - both simple and complex - that cyber criminals can employ to pilfer our credentials, including data breaches, watering hole attacks and social engineering, as well as how you can safeguard yourself against falling victim.
Footnotes
- The IT Pro Podcast Special Edition: Fighting password compromise
- The top 12 password-cracking techniques used by hackers
- What is phishing?
- 10 quick tips to identifying phishing emails
- What are you giving away on social media?
- The IT Pro Podcast: The psychology of security
- Have I Been Pwned: Check if your email has been compromised in a data breach
- LastPass hacked - what you should do
- What is two-factor authentication?
- Simplify cluster security at scale
- The IT Pro Podcast: The secret life of hackers
- How to check if your passwords have been stolen
- If not passwords then what?
- 4 quick tips to create an unbreakable password
- Apple releases open source tools for password manager developers
- HTTP vs HTTPS: What difference does it make to security?
- Most malware came through HTTPS connections in Q1 2020
- Wikipedia: John Titor
Subscribe
-
I love magic links – why aren’t more services using them?Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
-
Password management startup Passbolt secures $8 million to shake up credential securityNews Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrencyNews The hackers behind the LastPass breach are on a rampage two years after their initial attack
-
GitHub launches passkeys beta for passwordless authenticationNews Users can now opt-in to using passkeys, replacing their password and 2FA method
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectorsNews Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
-
No, Microsoft SharePoint isn’t cracking users’ passwordsNews The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacksNews The added layer of complexity aims to keep social engineering at bay
-
The rise of identity-based cyber attacks and how to mitigate themIn-depth If identity-based cyber attacks are successful, they can give hackers the opportunity to infiltrate an entire network
