StealthINTERCEPT Enterprise Password Enforcer

Password policy enforcement for Windows Active Directory providing password protection on-premises and in hybrid environments.

WATCH VIDEO

    Request A Free Trial

    Thank You For Your Request

    A Stealthbits representative will contact you shortly.

    If you have any questions, you can contact our sales department by sending an inquiry to sales@stealthbits.com.


    Why StealthINTERCEPT Enterprise Password Enforcer?

    With 80% of breaches involving weak or compromised passwords and the top 10 common passwords still including ‘123456’, ‘password’, and ‘qwerty’, organizations need to strengthen and improve password hygiene. Breach costs will only rise, further emphasizing the importance of your first line of defense…the password.

    Using a dictionary of 555 million known compromised passwords, along with complexity, character substitution, and testing tools, StealthINTERCEPT Enterprise Password Enforcer safeguards your organization from credential-based attacks. We can identify and prevent weak and compromised passwords from being used. We can even provide end user guidance on how to choose a strong(er) password.

    KEY FEATURES

    Tell Users Why Password Fails

    We reduce helpdesk calls by showing users why proposed passwords fail what needs to change to adhere to policy.

    Enhanced Password Complexity

    Provide administrators more granular control of password requirements to ensure proper compatibility with all of an enterprise’s resources.

    Password Policy Testing Tool

    Before implementing new or modified rules, it’s advantageous to know where issues will arise.

    Control Character Substitutions

    Attackers can just as easily replace an “S” with a “$”, or an “A” with the “@”. Gain control of your passwords and all possible variations.

    Breached Password Dictionary

    We integrate with a repository of millions of known bad passwords, HIBP, so users don’t unknowingly try and use these vulnerable passwords.

    Integrate with your SIEM

    Send alerts and triangulate risk signals for a more complete risk & attack posture for your organization.

    COMPLY WITH NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY PASSWORD GUIDELINES

    …it is recommended that passwords chosen by users be compared against a “black list” of unacceptable passwords. This list should include passwords from previous breach corpuses, dictionary words, and specific words (such as the name of the service itself) that users are likely to choose.

    SCENARIO 1

    IMPROVE PASSWORDS – CHECK THEM AGAINST 555 MILLION KNOWN BAD ONES

    BUT THIS PASSWORD WAS STOLEN IN A PAST BREACH AND IS FOR SALE ON THE DARK WEB… 60+% REUSE THE SAME PASSWORD AMONG ACCOUNTS1… LEAVING YOU VULNERABLE!

    The National Institute of Standards and Technology (NIST) recommends the restriction of “passwords obtained from previous breach corpuses” and other “commonly-used” or “expected” values for passwords. StealthINTERCEPT Enterprise Password Enforcer leverages the Have I Been Pwned breach dictionary of 555 bad/ compromised passwords.

    https://www.darkreading.com/informationweek-home/password-reuse-abounds-new-survey-shows/d/d-id/1331689

    SCENARIO 2

    SAVE YOUR HELPDESK – SHOW USERS WHY PASSWORD CHOICE FAILS

    It can be uber frustrating when user’s password choices get rejected with no guidance on why, often leading to rising helpdesk calls and costs. Password policy changes often have the same effect but at enterprise scale.

    StealthINTERCEPT Enterprise Password Enforcer can now surface a clear definition of password policies and rejected password feedback to end users during the password change process. Showing users specifically what requirements they failed to meet is an immense help and reduces the need to call the helpdesk.

     

    SCENARIO 3

    STRENGTHEN PASSWORDS – ALLOW/DISALLOW PARTICULAR CHARACTER SUBSTITUTIONS

    Users think they are clever when replacing an “s” with “$” or “a” with “@” within dictionary words that often pass standard password policy for complexity, but attackers know this and leverage the same technique to compromise/guess the password.

    StealthINTERCEPT Enterprise Password Enforcer provides a substitution editor allowing administrators to modify or create permitted/not permitted custom character substitutions. We can also reduce the required effort to contemplate all variations of a password through character substitution. Administrators only need to specify character equivalents and the base word (e.g ‘Password’), Enterprise Password Enforcer does the rest.

     

    SCENARIO 4

    SAVE TIME – KNOW THE AFFECTS OF A PASSWORD POLICY CHANGE BEFORE DEPLOYMENT

    Wasted time and user & administrator frustration is often caused when organizations change password policies. Most don’t know the impact until deployment. Some accept it as a necessary evil, we found a better way!

    StealthINTERCEPT Enterprise Password Enforcer allows policy creators to test out any potential policy change without affecting users. We analyze the proposed policy against current environment passwords, reporting back which would fail and why. Get your policy right BEFORE engaging users.

    RESOURCES

    © 2020 Stealthbits Technologies, Inc.