Rising Risk Of Compromised Credentials In AD
Security Boulevard, Tuesday, February 3rd, 2026
Compromised user credentials are a major security threat for organizations, as the 2025 Verizon DBIR reported that credential abuse was the leading initial access vector for data breaches. Recent data from Enzoic's Active Directory Lite (AD Lite) tool indicates that the risk of compromised credentials is growing.
Analysis of aggregated AD Lite scan results for 2024 and 2025 shows credential-related risk becoming more pronounced across organizations. Not necessarily because users are choosing worse passwords year over year, but because the volume of exposed credentials is rising sharply as data breaches continue to accelerate. In other words, even when users keep the same passwords, they are increasingly likely to become compromised as breach datasets expand.