Compliance

music notes and password security

Defending Your Network from RockYou2021 

In June 2021, a large data dump was posted to a popular internet hacking forum. This dataset was termed “rockyou2021,” named after the popular password brute-force wordlist known as Rockyou.txt.   Media and Twitter alike were abuzz with what to... Read More

laptop with login screen

Microsoft password expiration recommendation

Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of... Read More

masked password credential attacker

Pipeline Cybersecurity Initiative best practices

There is no question that ransomware attacks are on the rise.  They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel... Read More

password length on screen

What is the NCSC guidance on password managers?

To keep our accounts secure across the multiple services that we use, we need to choose strong passwords that are unique for each account or service. Yet, 52% of people reuse the same password for multiple accounts.   Remembering multiple strong passwords for perhaps dozens of... Read More

How to configure the NCSC password list in AD

Passwords are one of the weakest links when it comes to ensuring that your environment is secure.  Traditional user accounts and the associated passwords have long been the default security mechanism found in most environments.  With the very advanced... Read More

CJIS Password Policy

CJIS Password Policy Requirements

The Criminal Justice Information Services Division (CJIS) is a division of the FBI that provides a number of tools and services to law enforcement agencies around the country. Through systems like the National Crime Information Center (NCIC), Integrated Automated... Read More

Specops uReset and GDPR compliance

With the introduction of Specops uReset (version 8.1 or later) in the Microsoft EU data center, organizations can now choose which instance of Specops uReset they want to use. Specops uReset is a hybrid password reset solution. The cloud... Read More