Security news aggregator

Latest coverage for Passwords

Password security helps prevent unauthorized access, while weak or reused credentials can expose accounts, systems, and sensitive data.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Passwords are secret strings used to verify identity and control access to accounts, devices, applications, and services. They remain a common authentication method, but their security depends mainly on secrecy, length, and uniqueness rather than predictable complexity rules. A password reused across services can expose multiple accounts if one service is compromised; short, common, or previously leaked passwords are more susceptible to guessing and automated credential-stuffing attacks.

Practical defenses include using a password manager to generate and store a distinct, long password for each service, blocking known compromised passwords, and enabling multi-factor authentication (MFA) where available. Organizations should protect stored passwords with slow, salted one-way hashing, restrict and monitor authentication attempts, and provide secure recovery processes. Password changes are most useful after suspected compromise or exposure, rather than as routine changes that encourage predictable variations. Security teams should also treat password databases and reset mechanisms as sensitive assets during vulnerability assessment and incident response.

Showing 3 most recent headlines Filtered view

Trellix's John Fokker Advises CISOs to Prioritize Patching, MFA, Network VisibilityThreat actors aren't rushing to adopt AI tools to exploit vulnerabilities. "They still prefer a victim with weak passwords, bad MFA, bad patching. It is the easiest way to make money for criminals so they don't have to invest in AI," said John Fokker, head of threat intelligence at Trellix.

RSA CEO Rohit Ghai on Security Amid Evolving Threats, Tech DisruptionAI, geopolitical instability and sophisticated cyberthreats are reshaping how organizations must think about risk, resilience and identity. RSA CEO Rohit Ghai discusses identity overhaul for enterprises, moving beyond passwords and an approach to AI-based threats.

Hackers Bypass MFA to Steal Australians' Banking CredentialsMelbourne-based ANZ Bank will introduce passwordless authentication for digital banking services amid news that hackers have stolen the banking credentials of tens of thousands of Australians. Cybercriminals used infostealer malware to steal the credentials of more than 30,000 Australians.