Why Weak Passwords Pose a Serious Threat — and How to Reduce Your Risk

Presented by

Martin Cannard, VP of Product Strategy at Netwrix and Brian Johnson, Security Consultant & Podcaster at 7 Minute Security

About this talk

The latest industry data shows that nearly every cyberattack today involves misuse of credentials. So it’s worth asking, exactly how do threat actors get those credentials in the first place? In some cases, hackers use tactics like social engineering, phishing or vishing to trick users into providing their username and password. But the truth is, brute force and password spray attacks also remain highly effective techniques — primarily because users continue to choose weak passwords. Join Brian Johnson (CISSP, OSCP and president of 7 Minute Security) to find out how weak the passwords are in your organization, and what you can do to strengthen this part of your security strategy. During this session, you'll learn: •             What tools hackers use to collect and crack passwords and how they work •             How you can manually audit your environment for weak and common passwords •             Where to download lists of weak and common passwords •             How to dump all usernames and hashes from your domain controller and check them against the lists you downloaded •             “Hidden” places on the network (like Active Directory, Group Policy objects and file shares) where passwords often live unbeknownst to sysadmins — but not hackers! •             How you can enforce granular password policies to significantly reduce your risk from password attacks

Related topics:

More from this channel

Upcoming talks (5)
On-demand talks (169)
Subscribers (4055)
Netwrix empowers information security and governance professionals to reclaim control over sensitive, regulated and business-critical data, regardless of where it resides. Over 11,500 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.