Some cloud services and social media networks bolstered their security systems this year following a string of password breaches that began in 2012. LinkedIn, Twitter and Evernote launched two-factor authentication features. Meanwhile, Amazon launched a Web service to enable businesses to accept Facebook, Google or Amazon.com credentials as part of verification.
Valid account credentials represent the holy grail for cybercriminals. End users often reuse the same username and password combination for a variety of places, including access to their work PC.
Solution providers recommend stronger password management policies to their clients as well as stronger database controls, including encryption (salting and hashing) of customer passwords stored on their servers.