Protect against Credential Stuffing attacks
Enforce password hygiene with dozens of filters
Prevent the use of known compromised passwords
ENFORCE PASSWORD COMPLEXITY
There are common bad practices we need to avoid in passwords:
- Prevent the username in their password (First name, Last Name, SAMAccount Name, & UPN)
- Prevent the use of keyboard sequences like qwerty
- Prevent the use of repeating characters 111
- Prevent the use of repeating patterns 123123
Not every organization is ready to abandon all password policies such as uppercase letter, lowercase letter, number and a special character in passwords in favor of the new NIST Policy.
Build a password policy that satisfies the organizational needs, however, keep in mind favor the user so they can create a strong password that won’t change until detected in a breach.
CHECK PASSWORDS AGAINST A BREACH DATABASE
Attackers know that humans are creatures of habit. So, when they attempt to guess a user’s password, they start with commonly known breached passwords.
To protect your users, you should always check your corporate user’s passwords against a breached password list. If one of your users’ password matches a password that been previously used, you should disallow it, and force the user to choose another unique password.
StealthAUDIT can detect and report on weak, shared or previously used passwords, allowing administrators to force a password reset and to reduce the risk of compromise.
Once cleaned up, StealthINTERCEPT Enterprise Password Enforcer (EPE) can enforce complexity and uniqueness, by automatically blocking unsafe passwords from being used, to keep your passwords and your organization safe.
Stealthbits IS TRUSTED BY
