ACTIVE DIRECTORY PASSWORD POLICY ENFORCEMENT

Enforcing complex, unique passwords in your AD environment may be the fastest and cheapest way to improve your security

    Request A Free Trial

    Thank You For Your Request

    A Stealthbits representative will contact you shortly.

    If you have any questions, you can contact our sales department by sending an inquiry to sales@stealthbits.com.


    WHY DO YOU NEED PASSWORD POLICY ENFORCEMENT?

    Weak, insecure, and stolen passwords puts your network at risk. Password policies don’t prevent employees from using known comprised passwords. Due to the fact that users are historically bad at creating difficult to guess passwords, users tend to choose predictable, easy-to-guess passwords instead.

    Coupled with password reuse, these poor password hygiene practices undermine your security controls.

    PASSWORD POLICY ENFORCEMENT ADVANTAGES

    Protect against Credential Stuffing attacks

    Enforce password hygiene with dozens of filters

    Prevent the use of known compromised passwords

    WHY DO YOU NEED PASSWORD POLICY ENFORCEMENT?

    ENFORCE PASSWORD COMPLEXITY

    There are common bad practices we need to avoid in passwords:

    • Prevent the username in their password (First name, Last Name, SAMAccount Name, & UPN)
    • Prevent the use of keyboard sequences like qwerty
    • Prevent the use of repeating characters 111
    • Prevent the use of repeating patterns 123123

    Not every organization is ready to abandon all password policies such as uppercase letter, lowercase letter, number and a special character in passwords in favor of the new NIST Policy.

    Build a password policy that satisfies the organizational needs, however, keep in mind favor the user so they can create a strong password that won’t change until detected in a breach.


    CHECK PASSWORDS AGAINST A BREACH DATABASE

    Attackers know that humans are creatures of habit. So, when they attempt to guess a user’s password, they start with commonly known breached passwords.

    To protect your users, you should always check your corporate user’s passwords against a breached password list. If one of your users’ password matches a password that been previously used, you should disallow it, and force the user to choose another unique password.

    StealthAUDIT can detect and report on weak, shared or previously used passwords, allowing administrators to force a password reset and to reduce the risk of compromise.

    Once cleaned up, StealthINTERCEPT Enterprise Password Enforcer (EPE) can enforce complexity and uniqueness, by automatically blocking unsafe passwords from being used, to keep your passwords and your organization safe.

    ACHIEVE COMPLIANCE

    …it is recommended that passwords chosen by users be compared against a “black list” of unacceptable passwords. This list should include passwords from previous breach corpuses, dictionary words, and specific words (such as the name of the service itself) that users are likely to choose.

    LEARN ABOUT THE StealthINTERCEPT ENTERPRISE PASSWORD ENFORCER

    Stealthbits IS TRUSTED BY

    Seeing is believing.

    RESOURCES

    © 2020 Stealthbits Technologies, Inc.