If we try and think of old-world physical processes and techniques as a means to handle today’s cyber-crime we come to a point of ridicule. We need to question ourselves on the way we deal with cyber security from the floor to rafters.
Credential theft, social engineering, and cracking remain the prime avenues through which threat actors gain unauthorized access (yes, ‘hacking;) to services, data, and digital assets. While a minimum 8-character length with a capital letter, number, and special character MAY be a “safe” password, it is often not the case and can be cracked faster than it took to grab a car stereo in the 90’s.
Passwords need to not just meet minimum requirements but should be constantly challenged – as adversaries would do. Password hash cracking should be made a common security validation daily routine- that’s the only way to know.