Reusing passwords is common, despite years of warnings to end users. It’s a problem that’s difficult for IT teams to get a handle on, especially if people are reusing work passwords at home. This means a breach elsewhere can... Read More
Password Policy Management
Categories
Enable Microsoft Entra Password Protection (formerly Azure AD Password Protection) in a hybrid environment
With default Active Directory password policies, many organizations find that users create weak, easily guessed, or incremental passwords that attackers can easily compromise. Using Microsoft Entra Password Protection (formerly Azure AD Password Protection), organizations can have an additional layer... Read More
Useful PowerShell commands for managing Active Directory password policies
Managing password policies in Active Directory is an essential task for a system administrator managing AD DS environments. Password policies help to enforce password policy best practices so passwords are not easily guessed or compromised. Managing and configuring password... Read More
Thinking about going passwordless? Here’s what to consider first.
In 2004, Bill Gates made a bold prediction that passwords would soon be dead. Almost twenty years later, the password is pretty much as prevalent as ever. If you’re here, it’s a question that’s probably crossed your mind too:... Read More
These Fortune 500 Companies Show Up Most Often in Compromised Password Data
Today, the Specops research team is sharing the results of their latest findings on the use of Fortune 500 company names in compromised passwords. The release of these findings coincides with the latest addition of over 33.9 million compromised... Read More
Authentication service outage or compromise? How to keep your business running
User authentication services for MFA impact many systems running in businesses today. But what happens when that authentication service is down or no longer reliable? Planning for the potential pitfalls and challenges in authentication means that your organization won’t... Read More
Password mask attacks explained: What are they & how do they work?
Credential-based attacks remain one of the most effective techniques used by cybercriminals to breach enterprise networks. In 2024 alone, 88% of web application attacks involved the use of stolen credentials, according to Verizon’s 2025 Data Breach Investigations Report. Among... Read More
How to block common password patterns in Active Directory passwords
Between work and personal accounts, the average person may have dozens of passwords to remember. Strong password hygiene indicates a unique password for each account, but when users have so many passwords to remember, they come up with a... Read More
New in Specops Password Policy 7.7 – Improved Password Expiry Emails and More
Today we’ve released the latest update to our Active Directory password management solution, Specops Password Policy 7.7. This release includes improved intervals for password expiration reminder emails, as well as new functionality for sending test emails and selecting specific... Read More
Service account password rotation
Service accounts are the unseen heroes of your organization’s architecture – they keep critical services running. While most organizations are generally aware of the sensitive nature of service accounts, password practices can still be poor. It is not uncommon... Read More