The advent of quantum computers poses a significant threat to current public-key cryptography methods, such as elliptic curve cryptography and RSA, which are used to protect sensitive data, including credentials. As quantum hardware advances, it is inevitable that these encryption methods will be broken, compromising the confidentiality of encrypted data. This shift has significant implications for organizations, as it changes the threat model from primarily criminal activity to geopolitical, state-aligned threats1. The capture of ciphertext and credentials by malicious actors could have far-reaching consequences. To mitigate this risk, organizations must begin to adopt post-quantum cryptography methods, starting with the protection of credentials. This requires a fundamental transformation of their encryption strategies, taking into account the new geopolitical threat landscape. The transition to post-quantum cryptography is crucial for maintaining the security and confidentiality of sensitive data, and practitioners must prioritize this effort to stay ahead of emerging threats.