JUST BECAUSE YOU ARE A START-UP does not mean you are not a target. Before you have an amazing product that your unicorn start-up has built you have to log in to something. Your credentials, for everything, are a critical key to starting secure and remaining secure. Whether you are logging into your phone, laptop, email, chat app, or cloud environment, the first step is your username and password.

If you only read one chapter in this book, this is the one. Verizon publishes an annual report called the Data Breach and Investigations Report (DBIR), pronounced “deebur.” This report details thousands of data breach cases that Verizon analyzes and investigates in real-world examples. And every year user credentials are part of the top list of vectors that attackers use to gain access to systems and sensitive data at thousands of companies, large and small, around the world.

PASSWORD MANAGERS

Password Managers are software-as-a-service (SaaS) tools that allow you to securely store and manage many sets of unique credentials across websites and all manner of systems where you use a combination of username and passphrase to access. Some solutions even offer non-cloud-based products; this is a bit riskier, since it is stored on your device and if, for some reason, you lose access to that device, you could ...