Misused credentials are at the center of cyberattacks, used for gaining access, moving laterally, exfiltrating data, and more. Passwords can be obtained through social engineering, brute force, and password spray attacks. Human error and weak passwords are also a problem. There are resources available to identify and strengthen password security. In this training session, experts will discuss the current state of insecure password use, password spraying, auditing environments for weak passwords, and enforcing granular password policies to protect against attacks.