Compromised credentials are a leading cause of security breaches.  According to Verizon’s 2015 Data Breach Investigations Report, 95% of security incidents involved stealing credentials from customer devices, and using them to web applications.  So many stolen credentials are available to hackers, generally on the Dark Web, that passwords are no longer effective.