FEATURED BLOG

AI can crack your passwords. Here’s how Keeper can help.

As AI becomes more advanced, it’s important to consider all the ways AI can be used maliciously by cybercriminals, especially when it comes to cracking passwords. While AI password-cracking techniques...

Continue Reading

Search

Latest Keeper Blogs

While both magic links and passkeys are methods of passwordless authentication, they’re not exactly the same. Some of the key differences between magic links and passkeys are how they work, their security, where a website server stores them and whether or not they expire after being used to log in to an account.  Continue reading

Magic Links vs Passkeys: What’s the Difference?

The most secure way to send tax documents is by using a platform with zero-knowledge encryption such as a password manager. Zero-knowledge encryption is one of the safest ways to store sensitive data because it encrypts and decrypts data at the device level, not the company’s servers or in the cloud. Using a password manager

How To Securely Send Tax Documents

Artificial Intelligence (AI) being used to carry out cybercrime isn’t new, but as AI becomes more advanced, so do the tools that cybercriminals are using. One of the most recent AI-enabled cyber threats we’ve seen is cybercriminals using voice-cloning technology to carry out scam calls. You can protect yourself from AI voice-cloning scam calls by

How To Protect Yourself From AI Voice Scam Calls

Enabling Multi-Factor Authentication (MFA) is a cybersecurity best practice that helps protect online accounts from unauthorized access; however, not all forms of MFA are created equally in terms of security. There are ways that cybercriminals can bypass MFA. Some MFA methods are more vulnerable to cyber attacks and are often exploited by cybercriminals. There are

Can MFA Be Bypassed by Cybercriminals?

Privilege creep is a cybersecurity term that describes the gradual accumulation of network access levels beyond what an individual needs to do their job. Users need specific privileges to perform tasks and job functions. These privileges can include accessing sensitive data, installing new programs, updating software, configuring networks, adding new users and more. Not every

What Is Privilege Creep?

Kerberoasting is a form of cyber attack that targets service accounts using the Kerberos authentication protocol. Attackers exploit the authentication protocol to extract password hashes and crack the plaintext passwords attached to the account. These attacks are prevalent because they can be difficult to notice and mitigate. Without implementing detection and prevention techniques, Kerberoasting becomes

What Is Kerberoasting and How Can I Prevent It?

Working remotely has allowed organizations to enhance their efficiency and provide employees with flexibility. However, remote work comes with cybersecurity risks that can often lead to data breaches and jeopardize an organization’s security. The five cybersecurity risks of remote work are using weak passwords, an insecure internet connection, unencrypted file sharing, an expanded attack surface

What Are the Cybersecurity Risks of Remote Work?

A magic link is a type of passwordless login where a link is sent to a user through email or text message after they’ve entered their email address or username into a login portal. When the user clicks on this link, they’re signed in to their account without having to enter a password. This process

Magic Links: What They Are and How They Work

Organizations should implement the principle of least privilege to protect their sensitive data from unauthorized access. To implement the principle of least privilege, organizations need to define roles and permissions, invest in a Privileged Access Management (PAM) solution, enforce MFA, automatically rotate credentials for privileged accounts, segment networks and regularly audit network privileges. Continue reading

How To Implement the Principle of Least Privilege

Some of the benefits of using passphrases are that they’re easy to remember, difficult for cybercriminals to crack and they’re considered to be more secure than traditional passwords because of poor password habits. Some of the disadvantages of using passphrases are that some websites and apps may have low character limits, it’s impossible to remember

The Pros and Cons of Using Passphrases

Password entropy is a measurement of how difficult it would be for a cybercriminal to crack or successfully guess your password. When calculating password entropy, the calculation takes into account how long your password is and the variation of characters you’re using. Character variations include the use of uppercase and lowercase letters, numbers and symbols. 

Password Entropy: What It Is and Why It’s Important

A passphrase is a more secure way to create a password that uses a string of random words instead of a string of random characters. Passphrases tend to be easier to remember, longer and more secure than most user-generated passwords. However, weak passphrases are still susceptible to password-related cyber attacks. To create strong passphrases, you

How To Create a Strong Passphrase

Password spraying and credential stuffing have a lot in common, but the main difference is in the way the attack is executed. With credential stuffing, the cybercriminal already has a set of verified login credentials, whereas, with password spraying, the cybercriminal has to guess the login credentials by matching a list of usernames with a

Password Spraying vs Credential Stuffing

Weak passwords can lead to ransomware attacks because they can be easily compromised through password-cracking techniques, allowing cybercriminals to gain access to an organization’s network where they can then inject ransomware. Often, when people think of the causes of ransomware infections, their first thought is it was caused by a phishing email. While phishing emails

How Weak Passwords Lead to Ransomware Attacks

A secret refers to the non-human privileged credentials used by systems and applications to access services and IT resources containing highly sensitive information and privileged systems. Secrets allow applications to transmit data and request services from each other. Examples of secrets include access tokens, SSH keys, non-human privileged account credentials, cryptographic keys and API keys. 

Six Best Practices for Secrets Management

Some of the most common ways ransomware is delivered are through phishing emails, drive-by downloads, exploit kits and RDP exploits. According to Malwarebytes’ 2024 State of Malware report, in 2023 the number of known ransomware attacks increased by 68% from the previous year. The report also found that the largest ransom demanded in 2023 was

How Is Ransomware Delivered?

Biometrics are technically safer than passwords because they’re harder for cybercriminals to compromise or steal. Besides being more secure, biometrics are also phishing-resistant and more convenient to use than passwords.  Read on to learn more about biometrics and why they’re considered to be more secure than passwords.  What Are Biometrics? Biometrics are a person’s unique

Are Biometrics Safer Than Passwords?

Cybercriminals often use spoofing attacks to disguise themselves as a familiar face or legitimate business to trick people into revealing sensitive information. They use a variety of techniques such as creating fake websites or emails. Some of the different types of spoofing attacks include call spoofing, email spoofing, website spoofing and IP spoofing. Continue reading

Seven Types of Spoofing Attacks and How To Avoid Them

Passphrases are another way to create secure passwords. However, there are some differences between passphrases and passwords in terms of their structure, memorability and security. Passphrases tend to be longer, easier to remember and overall more secure than most user-created passwords. However, a strong, randomly generated password is equally secure as a strong passphrase. Continue

Passphrases vs Passwords: What’s the Difference?

Password rotation has become less necessary for personal accounts if they are protected with strong and unique passwords and MFA. Organizations do need to implement password rotation to protect privileged accounts; however, manually rotating passwords can lead to security risks such as compromised passwords. Organizations need automated password rotation to protect privileged accounts from becoming

Why Organizations Need Automated Password Rotation

What’s Trending