It is no secret that passwords alone are not the best method to safeguard our digital assets, especially weak passwords. Password hygiene is a leading topic any time of year, but as NCSAM continues it is a good time for another reminder for organizations to do better to protect data they are entrusted. Password security firm LastPass recently published its’ 3rd Annual Global Password Security Report which highlights how employees’ continued poor password habits weaken the overall organizational security posture. To affect positive changes, it is up to organizations to take action to improve password hygiene. There are many low-cost and no-cost solutions that are easy to implement to reduce the risk when passwords are stolen. For instance, just enforcing the use of longer passwords can go a long way. Depending on computing power (and other factors), it could take approximately 23 seconds to crack ‘football1’  vs. over 10 thousand centuries to crack ‘R73&nebp@98backyard45’. Adding multifactor authentication (MFA) is another quick-win. MFA does not completely prevent account compromises, but it does significantly reduce that likelihood. Authenticator apps like Duo, Authy, Google, etc. provide low-cost, no-cost, hassle-free options to add an additional layer of security to the authentication process, which will reduce the risk a malicious attacker would be able to login to valuable accounts, even with a stolen password. Read the post at Security Magazine