Data breaches most often involve the abuse of credentials. By assuming the identity and using the credentials of legitimate users, threat actors can more freely traverse an organization’s network, find valuables, and extract them without detection. The global COVID-19 pandemic has exposed holes in enterprise cybersecurity programs with 10s to 100s of millions of people logging in remotely.
The purpose of this paper is to describe the five best ways in which organizations can improve password security. Threat actors are constantly seeking new targets and fruitful assaults. Stronger password security might make it difficult enough that would-be attackers simply move on to the next easier victim.