What is an account compromise?

Any account that is accessed by anyone not authorized to access the account is a compromised account. Weak passwords are one of the main reasons for account compromises; however, cyberattackers can sometimes use sophisticated tools to compromise accounts with stronger passwords. Password spray attacks, brute-force attacks, and pass-the-hash attacks are some of the ways attackers can gain unauthorized access to an account.

How to prevent account compromise

To prevent account compromise:

  • Set a strong password policy that takes into account password complexity and password expiration times.
  • Monitor all access and logons to critical servers, databases, and service accounts.
  • Enforce multi-factor authentication.
  • Put a process of least privilege and Zero Trust in place.
  • Look for anomalies in time, count, and pattern in the behavior of users and entities.
  • Implement a system of risk scoring that looks for the tell-tale signs of an account compromise.
Account compromise

Related blogs

 

Change the way you manage security.

Defend against sophisticated threats.

Get started with Log360 UEBA.

Download

© 2019 Zoho Corp. All rights reserved.