Credential theft rose sharply in 2025, driving more breaches as attackers used AI-assisted tactics to defeat weak identity checks and exploit inconsistent authentication practices. Organizations can reduce account takeover risk by hardening MFA, securing the service desk, using device trust, adopting passkeys, and protecting biometric data. #Specops #M&S #Clorox #FIDO2 #WebAuthn
Keypoints
- Credential theft contributed to one in five data breaches in 2025.
- Strong, phishing-resistant MFA is essential for secure identity verification.
- Service desk workflows must resist social engineering and deepfake-enabled impersonation.
- Device trust helps detect risky logins from unmanaged or compromised devices.
- Passkeys and protected biometric data can reduce password reliance and strengthen access control.