passwords - Security Ticks

FortiBleed: 86,000 Fortinet Device Credentials Compromised

credentials, FortiBleed, Fortinet, Malware & Threats, Network Security, passwords / SecurityTicks

FortiBleed: 86,000 Fortinet Device Credentials Compromised 2026-06-19 at 13:48 By Ionut Arghire The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs. The post FortiBleed: 86,000 Fortinet Device Credentials Compromised appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

FortiBleed: 86,000 Fortinet Device Credentials Compromised Read More »

Passwords, MFA, and why neither is enough

authentication, Don't miss, FIDO Alliance, MFA, News, passwords, Portnox, strategy, tips, Video / SecurityTicks

Passwords, MFA, and why neither is enough 2026-03-13 at 07:37 By Help Net Security Passwords weren’t enough, so we added MFA. Now MFA isn’t enough either. In this Help Net Security video, Karlo Zatylny, CTO/CISO at Portnox, walks through why each layer of identity security has failed and what comes next. SMS codes can be

Passwords, MFA, and why neither is enough Read More »

Product showcase: RoboForm password manager for iOS

Don't miss, iOS, News, password manager, passwords, Product showcase, software / SecurityTicks

Product showcase: RoboForm password manager for iOS 2025-12-30 at 08:41 By Anamarija Pogorelec RoboForm is a password manager that helps users store and manage login credentials, identities, and other sensitive information in one place. The app is available on macOS, Windows, Android, and iOS. It uses AES-256-bit encryption and a master password to protect stored

Product showcase: RoboForm password manager for iOS Read More »

Password habits are changing, and the data shows how far we’ve come

Don't miss, Flare, News, password management, passwords, Video / SecurityTicks

Password habits are changing, and the data shows how far we’ve come 2025-12-11 at 08:13 By Help Net Security In this Help Net Security video, Andréanne Bergeron, Security Researcher at Flare, explains how changes in user habits, policy shifts, and new tools have shaped password security over nearly twenty years. She walks through research based

Password habits are changing, and the data shows how far we’ve come Read More »

Social data puts user passwords at risk in unexpected ways

authentication, cyber risk, Don't miss, Facebook, Hot stuff, Instagram, LinkedIn, LLMs, News, passwords, Privacy, research, social media, tips / SecurityTicks

Social data puts user passwords at risk in unexpected ways 2025-11-28 at 09:08 By Anamarija Pogorelec Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal how much information can be reconstructed from public profiles and how

Social data puts user passwords at risk in unexpected ways Read More »

The identity mess your customers feel before you do

authentication, cybersecurity, Descope, identity management, MFA, News, passkeys, passwords, report / SecurityTicks

The identity mess your customers feel before you do 2025-11-27 at 07:55 By Anamarija Pogorelec Customer identity has become one of the most brittle parts of the enterprise security stack. Teams know authentication matters, but organizations keep using methods that frustrate users and increase risk. New research from Descope shows how companies manage customer identity

The identity mess your customers feel before you do Read More »

Is your password manager truly GDPR compliant?

authentication, Don't miss, GDPR, News, password manager, passwords, Passwork / SecurityTicks

Is your password manager truly GDPR compliant? 2025-11-20 at 08:34 By Sinisa Markovic Passwords sit at the core of every critical system, but many organizations still overlook how fragile their password workflows can be. When something goes wrong, security teams rush to uncover who had access, how those passwords were stored and whether sensitive data

Is your password manager truly GDPR compliant? Read More »

Product showcase: Proton Pass, a password manager with identity protection

authentication, Don't miss, FIDO Alliance, News, password manager, passwords, Privacy, Product showcase, software / SecurityTicks

Product showcase: Proton Pass, a password manager with identity protection 2025-11-19 at 07:02 By Help Net Security Managing passwords can be a real headache, and it’s still common to fall back on reusing them or storing them in a browser without much protection. Proton Pass, built by the Swiss company Proton AG (the team behind

Product showcase: Proton Pass, a password manager with identity protection Read More »

Employees keep finding new ways around company access controls

1Password, access control, Artificial Intelligence, cybersecurity, News, passwords, policy, report, SaaS, shadow IT / SecurityTicks

Employees keep finding new ways around company access controls 2025-11-03 at 07:30 By Anamarija Pogorelec AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, and IAM no longer align with how employees and AI

Employees keep finding new ways around company access controls Read More »

Passwordless adoption moves from hype to habit

authentication, CISO, cybersecurity, Dashlane, Don't miss, enterprise, News, passwordless, passwords, report, survey / SecurityTicks

Passwordless adoption moves from hype to habit 2025-10-31 at 08:00 By Anamarija Pogorelec With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift is picking

Passwordless adoption moves from hype to habit Read More »

Plex Urges Password Resets Following Data Breach

data breach, Data Breaches, passwords, Plex / SecurityTicks

Plex Urges Password Resets Following Data Breach 2025-09-09 at 11:53 By Ionut Arghire Hackers accessed emails, usernames, password hashes, and authentication data stored in a Plex database. The post Plex Urges Password Resets Following Data Breach appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Plex Urges Password Resets Following Data Breach Read More »

Password crisis in healthcare: Meeting and exceeding HIPAA requirements

authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, healthcare, HIPAA, Hot stuff, News, passwords, Passwork, regulation / SecurityTicks

Password crisis in healthcare: Meeting and exceeding HIPAA requirements 2025-08-20 at 19:25 By Help Net Security In 2025, healthcare organizations are facing a new wave of password security risks. Recent data from the HIMSS Cybersecurity Survey reveals that 74% experienced at least one significant security incident over the last year. More than half of responders

Password crisis in healthcare: Meeting and exceeding HIPAA requirements Read More »

Open-source password recovery utility Hashcat 7.0.0 released

Don't miss, GitHub, News, open source, passwords, penetration testing, red team, software / SecurityTicks

Open-source password recovery utility Hashcat 7.0.0 released 2025-08-04 at 08:10 By Anamarija Pogorelec Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other hardware accelerators across Linux, Windows, and macOS, and includes features for distributed password cracking at

Open-source password recovery utility Hashcat 7.0.0 released Read More »

Why stolen credentials remain cybercriminals’ tool of choice

credentials, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, N-able, News, opinion, passwords / SecurityTicks

Why stolen credentials remain cybercriminals’ tool of choice 2025-07-31 at 09:26 By Help Net Security It’s often the case that the simplest tools have the longest staying power, because they ultimately get the job done. Take duct tape, for example: it’s a sturdy household classic that wasn’t invented to be elegant or high tech. It

Why stolen credentials remain cybercriminals’ tool of choice Read More »

Review: Passwork 7.0, self-hosted password manager for business

authentication, cybersecurity, Don't miss, Hot stuff, News, passwords, Passwork, Review, Reviews, software / SecurityTicks

Review: Passwork 7.0, self-hosted password manager for business 2025-07-17 at 13:09 By Help Net Security Over the years, the number of services we use has exploded, and so has the need to protect our credentials. Back in what I like to call “the age of innocence,” we scribbled passwords on paper or reused “password123” across

Review: Passwork 7.0, self-hosted password manager for business Read More »

Product showcase: Enzoic for Active Directory

Active Directory, credentials, cybersecurity, Don't miss, Enzoic, Hot stuff, monitoring, News, passwords, policy, Product showcase / SecurityTicks

Product showcase: Enzoic for Active Directory 2025-07-16 at 08:19 By Help Net Security Enzoic for Active Directory is an easy-to-install plugin that integrates with Microsoft Active Directory (AD) to set, monitor, and remediate unsafe passwords and credentials. In essence, it serves as an always-on sentinel for AD, preventing users from choosing compromised or weak passwords

Product showcase: Enzoic for Active Directory Read More »

New Microsoft accounts will be “passwordless by default”

account protection, authentication, Don't miss, Hot stuff, Microsoft, News, passwordless, passwords, tips / SecurityTicks

New Microsoft accounts will be “passwordless by default” 2025-05-02 at 14:18 By Zeljka Zorz Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of [a recently simplified sign-in user experience], we’re changing the default behavior for new accounts,” Vasu Jakkal,

New Microsoft accounts will be “passwordless by default” Read More »

People know password reuse is risky but keep doing it anyway

Bitwarden, cyber risk, cybersecurity, News, passwords, report, survey / SecurityTicks

People know password reuse is risky but keep doing it anyway 2025-05-02 at 08:16 By Help Net Security 35% of Gen Z said they never or rarely update passwords after a data breach affecting one of their accounts, according to Bitwarden. Only 10% reported always updating compromised passwords. 38% of Gen Z and 31% of

People know password reuse is risky but keep doing it anyway Read More »

What’s worth automating in cyber hygiene, and what’s not

1Password, authentication, automation, BitSight, CISO, credentials, cyber hygiene, cybersecurity, Don't miss, enterprise, Features, Hot stuff, News, passwords, patching, strategy, Swimlane, tips / SecurityTicks

What’s worth automating in cyber hygiene, and what’s not 2025-04-29 at 09:05 By Mirko Zorz Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Automation can help. But

What’s worth automating in cyber hygiene, and what’s not Read More »

The future of authentication: Why passwordless is the way forward

authentication, CISO, cybersecurity, Don't miss, FIDO Alliance, News, Okta, passwordless, passwords, Stytch, Yubico / SecurityTicks

The future of authentication: Why passwordless is the way forward 2025-04-16 at 07:35 By Sinisa Markovic By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex password policies don’t stop phishing or credential stuffing. That’s why passwordless

The future of authentication: Why passwordless is the way forward Read More »