To illustrate how essential IT systems are to the proper functioning of the business, system administrators should use a number of metrics to communicate key KPIs with non-technical leadership. This can help justify the overall budget of the IT department, as well as the... Read More
Password Management
Friends or Simpsons? New data shows which TV shows are most popular in breached passwords
Looking to catch up with your favorite TV show as it returns this month? You might want to rethink expressing your fandom in your password, as new research from the Specops team shows which TV shows are most popular in... Read More
Block These Recently Leaked VPN Passwords to Prevent Ransomware Attacks [new data]
Worried about ransomware attacks? Recent attack news indicates you should be looking to secure your VPN connections. Last week, we learned that thousands of Fortinet VPN passwords had been leaked on the dark web by a former ransomware operator.... Read More
Troubleshooting tips for Azure AD banned password list
Not all implementations of Azure AD password protection go smoothly. This blog explores some quirks with the banned password lists, and offers remediation tips related to them. Understanding the Scoring System Many teams get tripped up when establishing their password policies in Azure AD. While the banned password list... Read More
Why cached credentials are causing account lockouts
Active Directory user accounts can get locked out due to a number of reasons, especially when working remotely. Windows systems can cache credentials for users. Yet, cached credentials causing account lockouts is a major problem for remote users. Cached Active Directory credentials To understand the purpose of... Read More
Microsoft password expiration recommendation
Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of... Read More
Premier League Clubs May Want to Be Relegated from This Breached Password List
Chelsea, one of England’s most successful football clubs, can add another trophy to their record today, as they rank in first place on Specops’ breached password list. This is according to our new research, ahead of the start of the Premier League 2021 season,... Read More
Service account security best practices
There are number of privileges and roles granted to Windows users. However, it’s often necessary to restrict roles to specialized accounts called service accounts. These Active Directory (AD) accounts have deeper access to OS infrastructure, making them both handier and higher-priority... Read More
Are password reset solutions still relevant?
In case you haven’t been keeping up with the latest password guidance from noted cybersecurity organizations, it has changed from the traditional advice given regarding password security and password security policies. There are new and better ways to protect and secure account... Read More
What is the NCSC guidance on password managers?
To keep our accounts secure across the multiple services that we use, we need to choose strong passwords that are unique for each account or service. Yet, 52% of people reuse the same password for multiple accounts. Remembering multiple strong passwords for perhaps dozens of... Read More