Passwork Blog

Latest Jul 9, 2026
Four EU member states referred to court, the Netherlands' NIS2 law enters force August 15, Germany's BSI is auditing...

NIS2 compliance latest news: June and July 2026 enforcement update

Four EU member states referred to court, the Netherlands' NIS2 law enters force August 15, Germany's BSI is auditing 29,000 entities, and the EU published its first AI-cybersecurity action plan. Here's everything that changed in June–July 2026.

NIS2 compliance latest news: June and July 2026 enforcement update
Jul 8, 2026 16 min read
Learn how teams share credentials securely in 2026 — RBAC, audit logs, offboarding checklists, NIST SP 800-63B Rev. 4...

Team password management: The complete guide for 2026

Learn how teams share credentials securely in 2026 — RBAC, audit logs, offboarding checklists, NIST SP 800-63B Rev. 4 requirements, and self-hosted vs. cloud deployment.

Team password management: The complete guide for 2026
Jul 6, 2026 13 min read
GDPR, NIS2, ANSSI 2027 — the regulatory pressure keeps building. We compare Passwork and 1Password on the criteria that...

Passwork vs 1Password: Which password manager is better for EU enterprise?

GDPR, NIS2, ANSSI 2027 — the regulatory pressure keeps building. We compare Passwork and 1Password on the criteria that matter to European businesses: data sovereignty, audit readiness, deployment model, and real total cost of ownership.

Passwork vs 1Password: Which password manager is better for EU enterprise?
Jul 4, 2026 8 min read
15,000 Fortinet credentials exposed. 27 million recovered from dismantled infostealers. A French national registry...

Weekly cybersecurity news: Stolen credentials and the patch gap

15,000 Fortinet credentials exposed. 27 million recovered from dismantled infostealers. A French national registry breached through one government account. Meanwhile, Europe is advancing post-quantum authentication and AI-driven identity security. 8 key stories and what they mean for your team.

Weekly cybersecurity news: Stolen credentials and the patch gap
Jul 3, 2026 15 min read
Complexity rules failed. Adding @ to your dog's name doesn't make a password strong — it makes it predictable. This...

How to create a strong password you won't forget (2026 guide)

Complexity rules failed. Adding @ to your dog's name doesn't make a password strong — it makes it predictable. This guide covers what NIST SP 800-63B actually requires, why Diceware beats every complexity rule, and the one-passphrase system that solves the rest.

How to create a strong password you won't forget (2026 guide)
Jun 26, 2026 25 min read
Shadow IT in 2026 spans AI agents, orphaned SaaS accounts, and unmonitored LLM sessions — risks most organizations...

Shadow IT in 2026: Risks, detection, and how to manage it

Shadow IT in 2026 spans AI agents, orphaned SaaS accounts, and unmonitored LLM sessions — risks most organizations can't see. Learn what's changed, what it costs, and how a 6-step governance framework closes the gap.

Shadow IT in 2026: Risks, detection, and how to manage it
Jun 25, 2026 11 min read
This week: 86,000 Fortinet devices compromised, 24 billion credentials leaked, OAuth tokens stolen via a forgotten...

Weekly cybersecurity news: Quantum threats and HNDL

This week: 86,000 Fortinet devices compromised, 24 billion credentials leaked, OAuth tokens stolen via a forgotten service account, and an AI agent exfiltrated AWS credentials in under two minutes. 14 incidents, one pattern — and three actions your team can take right now.

Weekly cybersecurity news: Quantum threats and HNDL
Jun 20, 2026 18 min read
48% of breaches now involve a third party. This guide covers the attack patterns behind SolarWinds, MOVEit, and XZ...

Supply chain security guide: Vendor risks, regulations, and access control in 2026

48% of breaches now involve a third party. This guide covers the attack patterns behind SolarWinds, MOVEit, and XZ Utils — and the access controls, credential management practices, and regulatory requirements that actually stop them.

Supply chain security guide: Vendor risks, regulations, and access control in 2026
Jun 17, 2026 16 min read
LDAP still runs identity infrastructure at 90% of enterprises — and it's an active attack surface. Two critical RCE...

What is LDAP: Is it still relevant in 2026?

LDAP still runs identity infrastructure at 90% of enterprises — and it's an active attack surface. Two critical RCE vulnerabilities patched in 2025, credential harvesting at record levels. What to fix, how to harden it, and where the real risk sits.

What is LDAP: Is it still relevant in 2026?
Jun 17, 2026 15 min read
Reusing a password feels harmless. It isn't. Here's why one leaked credential can unravel your entire organization's...

11 password reuse risks and how to avoid them

Reusing a password feels harmless. It isn't. Here's why one leaked credential can unravel your entire organization's security — and how to stop it from happening.

11 password reuse risks and how to avoid them