Plaintext Password Extraction Through Group Policy Preferences

How to mitigate Plaintext Password Extraction

Group Policy Preferences allow administrators to create and manage local accounts on servers and workstations in an Active Directory (AD) domain. Attackers can easily find and obtain the encrypted passwords of administrative account credentials managed by Group Policy Preferences and decrypt them using the Microsoft-published AES key.

LEARN MORE ABOUT PLAINTEXT PASSWORD EXCTRACTION

Request A Free Trial

*First Name:

*Last Name:

*Company:

*Job Title:

*Business Email

*Phone Number:

*Number of Employees:

*Country:

*Select a State:

*Select a Province:

*Select a State:

I am a partner

Please leave this field empty.

Stealthbits’ Plaintext Password Extraction Through Group Policy Preferences Solution

Stealthbits’ products provide a multitude of ways to mitigate Plaintext Policy Extraction.

Mitigate Plaintext Password Extraction Through Group Policy Preferences

The best protection from Group Policy Preference abuse is to remove any passwords from GPPs.

APPROACH

Identify & Remove GPP Passwords

DESCRIPTION

Report on any group policy preferences which leverage cPassword fields that contain password data which can be decrypted. Remove the dependency on these and migrate to a more secure way to accomplish the task of that GPP setting.

PRODUCT: StealthAUDIT

Plaintext Password Extraction Through Group Policy Preferences

Stealthbits’ Plaintext Password Extraction Through Group Policy Preferences Solution

Mitigate Plaintext Password Extraction Through Group Policy Preferences

DOWNLOAD OUR COMPLETE ATTACK-TO-PRODUCT MAPPING GUIDE

StealthAUDIT for Active Directory

StealthDEFEND for Active Directory

StealthINTERCEPT Enterprise Password Enforcer

SOLUTIONS

COMPLIANCE

PRODUCT

MODULES

PARTNERS

COMPANY