top of page
  • Writer's pictureITConnexx Team

Stolen Credentials - HUGE Security Risk

One of the biggest dark web threats to businesses is credential compromise. Initial access brokers specialize in selling credentials that unlock the door to companies. Sometimes they gain those credentials from malicious insiders or former employees. In other cases, bad actors buy or obtain huge lists of credentials stolen in other breaches. They are often used in credential stuffing attacks — a cyberattack in which bad actors pelt a company’s defenses with thousands of credentials quickly in the hope that someone at that company has recycled a compromised password. There are more than 24.6 billion complete sets of usernames and passwords in circulation on the dark web, which is four full sets of credentials for every person on earth.

Do not expose your company, or yourself, to a possible username and password compromise. Microsoft recommends the following guidelines for password policy.

  • Length of Password - Minimum of 14 characters length

  • Complexity of Password - Require upper case, lower case, numeric, and symbol

  • Force Password Change - Every 60 days

  • Do Not Allow Recycle of Passwords - Restricting the use of the last 6

  • Deploy a MFA (Multi Factor Authentication) tool

We take password security serious at ITConnexx. Contact us a or call us at 800-797-0345 to talk security.

2 views0 comments

Recent Posts

See All
bottom of page