ChannelLife US - Industry insider news for technology resellers
United States
Enzoic partners boost defences against stolen passwords
Firewalls Data Protection Network Security

Enzoic partners boost defences against stolen passwords

Wed, 11th Mar 2026
Catherine Knowles
CATHERINE KNOWLES News Editor

More than 100 channel partners now use Enzoic's Partner Network to screen customer credentials against its threat intelligence, as organisations face sustained attacks that rely on stolen passwords.

Verizon's Data Breach Investigations Report found that stolen credentials are used in 88% of basic web application attacks. The figures underscore the continued role of passwords in account takeovers and unauthorised access, even as many organisations add multi-factor authentication and other controls.

Launched in 2024, Enzoic's Partner Network supplies partners with compromised credential detection and monitoring. It also issues alerts on newly exposed data appearing in criminal marketplaces and other dark web sources.

Partner activity

Enzoic data on partner activity in 2025 shows the largest category was blocking weak or previously exposed passwords during account creation or password resets. This accounted for 59% of activity.

The process prevents users from choosing passwords that match entries in Enzoic's database of exposed credentials. Enzoic also applies fuzzy matching to check for common variations of a known compromised password.

A second category addressed credential stuffing risk and password reuse, representing 16% of partner activity in 2025. Credential stuffing uses passwords leaked in one breach to attempt access to other services, and succeeds because many users reuse the same password across multiple accounts.

Enzoic can detect exposure during login and trigger password resets or other actions set by the customer organisation.

Password sharing was another risk highlighted as difficult for many organisations to quantify. Enzoic's analysis of Active Directory data identified nearly 10,000 incidents of password sharing among users across customer environments surfaced through its partner base.

Stale user accounts were also a focus area. Dormant accounts can retain elevated permissions and may bypass newer controls applied to active staff. Enzoic said addressing this issue accounted for 20% of partner focus in 2025.

How screening works

Credential screening runs continuously in the background, which Enzoic positions as a way for partners to add monitoring without changing existing authentication systems.

The vendor combines automated collection with proprietary threat intelligence. It scans dark web sources, flags newly exposed credentials, and provides that information to partners for action within customer environments.

One driver of urgency is the growing use of infostealer malware, which targets browsers and endpoints for stored credentials and session data. Security teams report that stolen data can appear quickly in criminal channels after theft, reducing the time available to detect compromise and intervene.

Enzoic Chief Executive Mike Greene linked this trend to faster account takeovers and greater operational pressure on defenders.

"Stolen credentials as a threat vector are certainly nothing new, but that doesn't make their impact any less devastating. Particularly as infostealers become more prominent and further compress the timeline between data theft and account takeover, companies need an automated solution to identify credential compromise before it's too late. By enabling our partners to provide this insight in near real-time, we're supporting their mission of enhanced authentication security and keeping Dark Web data out of their customer environments," said Greene.

Channel use cases

Partners use the service in managed security offerings and identity security engagements, where credential policies and account hygiene remain persistent issues. Enzoic says the network helps partners detect exposed passwords before attackers can use them, rather than relying on breach notifications after accounts have already been abused.

BorderLAN Security, a channel partner, uses the technology with public sector and education customers, as well as commercial clients.

Matt Killian, sales manager at BorderLAN Security, described stolen credentials as a recurring vulnerability in the environments the firm supports.

"Schools, cities, and businesses throughout the country entrust us with cybersecurity protection against today's barrage of threats. Our partnership with Enzoic is key to addressing one of the most pervasive vulnerabilities-stolen credentials. Their solution enables us to alert customers when compromised passwords are in use, ensuring they can act before this data leads to a breach," said Killian.

Enzoic said partner usage reflects common identity security gaps, including password reuse, weak password choices, shared credentials, and unmanaged accounts. It expects continued demand for monitoring as credential theft remains central to web application attacks and malware-driven theft increases the speed at which stolen data is traded and used.

Related stories
AI-driven cyber wars to reshape security in 2026
Google Cloud unveils AI security tools & fraud defence
Cybersecurity as a Service market to hit USD $83.96bn
Barracuda overhauls BarracudaONE & partner programme
Google Mandiant report spots faster, stealthier cyberattacks
Top stories
PDQ adds software visibility & workflow integrations
Cognizant named Aston Martin F1 Global AI Services partner
Forward Edge-AI names Dionis Taveras as sales chief
OpenAI & Yubico launch phishing-resistant YubiKeys
Nintex adds on-premises AI to K2 for regulated firms