Microsoft’s Commandment: Thou Shalt Not Worship (Password) Idols

Active directory - Directory physical

Published at Infosecurity on May 13, 2018 by Raz Rafaeli

Why do we have a situation where hackers are able to take advantage of Microsoft’s Active Directory bugs?

No matter how you slice it, the error in the model can be traced to one factor – the password. If that were not compromised, hackers would not have an opportunity to carry out attacks in the first place.

AD centralizes authentication and authorization for domain resources, but also creates a critical single point of failure – the account password that grants access to all resources. If the password is stolen, the attacker can gain access to all systems/resources authorized for the account.

Read The Full Article 

About us

Secret Double Octopus is the passwordless authentication solution for the enterprise. We liberate end-users and security teams from the burden of passwords with the simplicity and security of strong passwordless authentication. The Octopus Authentication Platform provides a unified user experience and a consistent way to access workstations, remote services, cloud applications and on-prem systems while providing stronger protection against cyber-attacks. From being named a Gartner “Cool Vendor” in 2016, our 4th generation platform is now serving mid-sized to Fortune 50 customers around the globe.

Previous In the New

Quality Over Quantity: Women in Cyber Security Making a Difference

Next In the New

The Quantum Meltdown of Encryption

More Things That Might Interest You

Octocampus

Modern Enterprise Authentication explained

Resource Center

Everything you need to know about our Authentication platform

The Security Wiki

Learn about Authentication methods, protocols, encryption, and more