Alex Muntyan

Alex Muntyan

CEO · Enterprise password security

Under Alex's leadership, Passwork has been driven by a straightforward premise: enterprise-grade security should not require enterprise-grade complexity. Over the years, the company has grown from a startup into a trusted European password management platform serving thousands of organizations across the EU, the US, and beyond — fully bootstrapped, founder-owned, and independent.

He writes about the practical side of information security: how organizations actually manage credentials under real-world constraints, where compliance frameworks meet daily operations, and why most security tools fail before they're ever deployed. His perspective is shaped by years of building a product that security teams choose to use.

Articles by Alex Muntyan

Latest Jul 16, 2026
Learn how to implement secure password sharing in teams. Discover best practices for RBAC, NIS2 compliance, and AD...

Secure password sharing at work: A guide for IT managers

Learn how to implement secure password sharing in teams. Discover best practices for RBAC, NIS2 compliance, and AD integration to protect shared credentials.

Secure password sharing at work: A guide for IT managers
Jul 8, 2026 16 min read
Learn how teams share credentials securely in 2026 — RBAC, audit logs, offboarding checklists, NIST SP 800-63B Rev. 4...

Team password management: The complete guide for 2026

Learn how teams share credentials securely in 2026 — RBAC, audit logs, offboarding checklists, NIST SP 800-63B Rev. 4 requirements, and self-hosted vs. cloud deployment.

Team password management: The complete guide for 2026
Jun 26, 2026 25 min read
Shadow IT in 2026 spans AI agents, orphaned SaaS accounts, and unmonitored LLM sessions — risks most organizations...

Shadow IT in 2026: Risks, detection, and how to manage it

Shadow IT in 2026 spans AI agents, orphaned SaaS accounts, and unmonitored LLM sessions — risks most organizations can't see. Learn what's changed, what it costs, and how a 6-step governance framework closes the gap.

Shadow IT in 2026: Risks, detection, and how to manage it
Jun 20, 2026 18 min read
48% of breaches now involve a third party. This guide covers the attack patterns behind SolarWinds, MOVEit, and XZ...

Supply chain security guide: Vendor risks, regulations, and access control in 2026

48% of breaches now involve a third party. This guide covers the attack patterns behind SolarWinds, MOVEit, and XZ Utils — and the access controls, credential management practices, and regulatory requirements that actually stop them.

Supply chain security guide: Vendor risks, regulations, and access control in 2026
Jun 17, 2026 15 min read
Reusing a password feels harmless. It isn't. Here's why one leaked credential can unravel your entire organization's...

11 password reuse risks and how to avoid them

Reusing a password feels harmless. It isn't. Here's why one leaked credential can unravel your entire organization's security — and how to stop it from happening.

11 password reuse risks and how to avoid them
Jun 16, 2026 16 min read
Shadow AI costs enterprises $670K extra per breach — and most of it traces back to credentials pasted into public LLMs....

What is Shadow AI: The hidden threat costing enterprises $670K per breach

Shadow AI costs enterprises $670K extra per breach — and most of it traces back to credentials pasted into public LLMs. Learn what shadow AI actually looks like, why it's harder to stop than shadow IT, and how to govern it.

What is Shadow AI: The hidden threat costing enterprises $670K per breach
Jun 16, 2026 13 min read
Storing passwords in Slack and browsers exposes your business to breaches. Discover why personal tools fail teams, how...

Password management for teams: The fix every SMB needs

Storing passwords in Slack and browsers exposes your business to breaches. Discover why personal tools fail teams, how to securely offboard departing employees in one click, and why the latest NIST guidelines recommend against forced password rotation.

Password management for teams: The fix every SMB needs
Jun 14, 2026 14 min read
10 remote work security fails — and the one principle behind all of them: security breaks where the secure path has...

10 remote work security fails: How to fix your environment

10 remote work security fails — and the one principle behind all of them: security breaks where the secure path has more friction than the insecure one. Real cases, realistic fixes, a 5-layer baseline your team can audit against.

10 remote work security fails: How to fix your environment
Jun 14, 2026 16 min read
48% of breaches now involve third parties. NIS2 Article 21 makes supplier access governance a legal obligation. Here's...

How to implement NIS2 access controls for supply chain security

48% of breaches now involve third parties. NIS2 Article 21 makes supplier access governance a legal obligation. Here's how to map vendor access, enforce MFA and least privilege, and keep the audit evidence that proves your controls work.

How to implement NIS2 access controls for supply chain security
Jun 14, 2026 21 min read
Disabling an SSO account doesn't revoke access. API keys, AI agent credentials, and shared passwords survive it. This...

Employee offboarding: Guide to secure access revocation in 2026

Disabling an SSO account doesn't revoke access. API keys, AI agent credentials, and shared passwords survive it. This guide covers the full offboarding playbook — from zero-hour triggers to NHI cleanup.

Employee offboarding: Guide to secure access revocation in 2026