During authentication, the password (or "passphrase" / "passcode") is the object used to verify the identity of a claimed party. Passwords are commonly alphanumeric character combinations like "I'mGl@dIT's_FRIdayy2daye!". Recently, cyber criminals have been seeing rapidly growing success by exploiting people that use weak passwords that can be easily guessed. Tokens, biometrics, secret handshakes, signs, spoken phrases, physical gestures, sounds and more have also been used as passwords replacements.
Password hygiene refers to the accepted practices that individuals and organizations should follow in order to create and maintain more secure passwords. As passwords are a key part in the accessibility and protection of sensitive information, following good password hygiene is incredibly important when dealing with banking accounts, data servers, tax documents, and much more.
Password rage is what happens after someone has too much password stress/password fatigue. The user will become stress and shout, swear, or cry in response to password difficulties. The amount of stress that can accumulate from constantly having problems with passwords can be very high since these passwords are the key to your digital life (bank, credit, communications, etc.).
A prevalent behavior problem wherein people will use the same password for different credentials. The problem with reusing the same password is that if one password is somehow compromised, the other credentials may be too easily compromised as well.
Password sharing (or "account sharing") occurs when a user gives their login credentials to someone else for the purposes of shared access under one account. Password sharing has several ramifications for different parties. The largest risk involved in sharing passwords is the obvious security risk of trusting the other person that now has access.
Password stress / password fatigue is caused by users having to memorize and type a large and growing number of username and password combinations. The problem is that good security means unique usernames and passwords that are both long and complex (high entropy). But the amount of stress involved in memorizing and typing these long passwords on a daily basis takes a strong toll on the users.
A password vault ("password manager" or "password wallet") is a digital tool that stores passwords so that users do not have to worry about remembering what their passwords are. Generally, a password vault is known more for securely storing passwords while a password manager is known for also offering additional management services.
Passwordless authentication is an authentication mechanism in which users log in to systems without typing a password. Instead, passwordless authentication usually takes the form of possession factor (something you have) or inherent factor (biometrics - something you are). Passwordless authentication is easier to manage for IT teams and easier to use for end users. Instead of managing thousands of passwords across hundreds of users, eliminate all those passwords instantly.
Passwordless MFA is an authentication mechanism that combines passwordless authentication and multi-factor authentication. Unlike traditional MFA, passwordless MFA requires users to log in to systems without typing a password, but also with one or more additional factors.
Penetration tests (also known as Pen Tests) are procedures that simulate a malicious actor's attacks on a system to identify potential vulnerabilities. Penetration tests can be performed on computer networks, software code, platforms, and physical devices.
A type of social engineering attack that attempts to acquire secret information such as login credentials, bank information, and other high-value data assets. Usually the perpetrator will ask potential victims to "confirm" their confidential information. IT managers must maintain a strong cyber security posture to prevent end users from falling victim to constant phishing attacks.
Piggybacking is a social engineering act that occurs when an unauthorized user follows an authorized user into a system with consent. In physical security, piggybacking mainly occurs at access control points. In digital security, piggybacking occurs when users give computer and website access to others.
The process of authenticating a person's identity through the validation of presence. Proximity authentication involves using either sensors to determine how close the a key (token or phone) is or an older example of motion detectors to catch a person's arrival.
Push Authentication is a form of Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) where a user is required to respond to a push notification on a linked mobile device. This method provides greater security by requiring an additional form of identity verification aside from a typical username and password.
According to studies, over 30% of all support tickets are related to password resets/forgotten passwords.
Enterprise 2FA and password manager. One key for all your passwords. Experience fully automated login and security. Faster 2FA, auto-OTP, password manager, and worry-free workflow with proximity-based privileged access management for Windows 11, 10, 8, 7, macOS, desktop applications, and websites.