Most data breaches start with a stolen password. Here's how to fix that

Somewhere in your organisation right now, an employee is reusing a password they created in 2019. Another is sharing login credentials for a team account through a Slack DM. A third is storing client portal access in a browser’s built-in autofill, synced to a personal Google account your IT team does not control. None of these people are careless. They are simply doing what most workers do when their company has no password infrastructure.

According to Verizon’s 2024 Data Breach Investigations Report, stolen credentials were involved in roughly 80 per cent of web application breaches and remain the single most common initial attack vector across all industries. The pattern is consistent year after year: an employee reuses a password, that password appears in a consumer data breach, an attacker tests it against the company’s systems, and the door opens. The breach rarely looks dramatic. It looks like a normal login.

The fix is not telling people to choose better passwords. The fix is giving them a system that makes strong, unique credentials the default and removes the temptation to cut corners. That is what business password managers are designed to do. But most of them share a blind spot that matters more than their marketing suggests.

Most data breaches start with a stolen password. Here's how to fix that

Other newsrooms on this story

Related reading

Proton Exposes 300 Million Stolen Credentials — 49% Include Passwords

1 in 8 employees have sold company logins or know someone who has

After $380M hack, Clorox sues its “service desk” vendor for simply giving out…

Stop Storing Passwords: Build Enterprise SSO in Laravel 🛡️

Account Recovery Becomes a Major Source of Workforce Identity Breaches

Password1: how scammers exploit variations of your logins