printer friendly version

The Authlogics password breach database exceeds 5 billion records

Authlogics, an Intercede group company that provides enterprise password security and multi-factor authentication technologies, has revealed that its Password Breach Database has exceeded 5 billion records. The database is the world’s largest repository of compromised password credentials.

Steven Hope, Product Director MFA at Intercede (and founder of Authlogics), comments, “The fact that our database now stands at more than 5 billion records is not a good news story. Our hope is that it shines a spotlight on the scale of the dangers to which organisations are exposed. Just one of these records has the potential to cause harm and it should be assumed that if we have been able to source the information, those with nefarious ambitions have done so too.”

The Authlogics Password Breach Database receives more than one million updates every day, responsibly sourced from free resources in the public domain including mainstream news, online forums, torrents, paste bins and other locations on the dark web. Crucially, the company only securely stores email address and password information.

An invaluable tool that is helping public and private sector organisations around the world to conform with the likes of GDPR, CMMC and NYDFS, the database enables Authlogics to analyse all in-use Active Directory passwords (using k-anonymity to ensure these passwords remain private). It quickly ascertains which accounts are using a known breached password, as well as matching passwords with third-party email addresses to determine if they are the same person. This unique capability provides insight into the high risk yet common practise of using an Active Directory password as a credential for other websites and external systems.

Hope continues, “Everyone is aware of the password problem, the technology and expertise are available to solve it, but today we find ourselves announcing that things are getting worse. In fact, approximately 80% of data breaches have their origins in weak, shared, and reused passwords. The simple truth is if someone wants to exploit weak or compromised passwords it can be done with relative ease at low to no cost.”

The Authlogics Passwords Breach Database can be accessed free of charge for any organisation wanting to check its security status. The free no obligation report will reveal the number of associated password breaches against an email address; expose the email addresses of the worst offenders; identify the number of breaches relating to the compromised credentials and offer clear advice on how to protect against a password breach.

For more information, go to www.authlogics.com

Share this article:

Further reading: