Password Security Can’t Wait.

We presently live in a world full of constant breaches and cyberattacks. Password security is essential. It is also however, a huge challenge for IT professionals and employees alike. In light of these challenges, a large number of companies still manage their passwords manually. You are more likely to find that most of these companies leave it to their employees to come up with their own personal password behaviour. This can only result in poor password hygiene which causes wide range of problems such as breached/compromised passwords.

What does getting pwned mean?

The word “pwned” is a verb which is mostly used as an expression of gloating control, dominance or victory. It is a term most frequently used in video gaming circles and has now found it’s way to office dialogue. When you are pwned, it means you have been defeated in a humiliating fashion, by an opponent. It implies great failure on the part of the loser. Origins of the word are sketchy, but it is most likely to have been derived from the slang use of “owned”. It is a perfect example of digital culture spilling over into real life.

Pwned passwords.

Pwned passwords are basically real world passwords that have been breached/comprised by them being exposed to data breach. These breached/comprised passwords are no longer suitable for continued use because they are at a greater risk of being used to hijack and control other exposed accounts, through common attacks such as Credential Stuffing and Password Spraying.

“Have I been pwned?” is probably the foremost question on your mind right now. The plain-english translation of the question would be “Has my account been compromised in a data breach? Which leads to even more questions like “How do I even begin to check for a data breach?” Or “If I have been breached, what do I need to do for solutions?” This post will offer you some guidance on how to know if you have been pwned, eradicate/minimize it and protect yourself from being pwned.

The most recognizable symptom of a pwned account would be any strange activities that were not authorized by the owner(s) of the account. Strange activities in the form of unauthorized purchased in the cases of pwned cash accounts and strange posts and messages in cases of pwned email or social media accounts.

Our enterprise password enforcement solution is designed to eliminate pwned passwords by integrating with the popular website, Have I Been Pwned developed and maintained by Troy Hunt, to monitor your daily logins for any vulnerabilities or potential security breaches. The Have I Been Pwned website is the most comprehensive database of stolen, breached/compromised passwords put together by Troy Hunt. An Australian security professional. Our protection prevents you from selecting any of these pwned passwords.

NIST Password Guidelines Compliance is compliant with the latest NIST publication guidelines, which specifically recommends that passwords provided by the user should be checked against any existing breaches of data. Implement the security network today and eliminate any frustrations by simplifying your password security policy.