Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of... Read More
Password Management
Premier League Clubs May Want to Be Relegated from This Breached Password List
Chelsea, one of England’s most successful football clubs, can add another trophy to their record today, as they rank in first place on Specops’ breached password list. This is according to our new research, ahead of the start of the Premier League 2021 season,... Read More
Service account security best practices
There are number of privileges and roles granted to Windows users. However, it’s often necessary to restrict roles to specialized accounts called service accounts. These Active Directory (AD) accounts have deeper access to OS infrastructure, making them both handier and higher-priority... Read More
Are password reset solutions still relevant?
In case you haven’t been keeping up with the latest password guidance from noted cybersecurity organizations, it has changed from the traditional advice given regarding password security and password security policies. There are new and better ways to protect and secure account... Read More
What is the NCSC guidance on password managers?
To keep our accounts secure across the multiple services that we use, we need to choose strong passwords that are unique for each account or service. Yet, 52% of people reuse the same password for multiple accounts. Remembering multiple strong passwords for perhaps dozens of... Read More
HIPAA compliant password manager
Compliance with industry regulations are extremely important to IT priorities, and cybersecurity. One of the more prominent standards for safeguarding personal data is the Health Insurance Portability and Accountability Act (HIPAA) which provides guidelines for organizations dealing with protected health information (PHI). For sysadmins, compliance with HIPAA requires visibility and technical controls to protect electronic personal health... Read More
How to get decision makers to sign-off on your password security project
While IT administrators often innately understand the cost of not addressing a cybersecurity project, it can be hard to get non-IT management to understand why certain projects should be prioritized. In their July 2018 survey, Spiceworks and AT&T found... Read More
Specops Password Policy comparison and price
In the market for a third-party password policy solution? If an audit has revealed poor password practices, you may look to Microsoft Fine-Grained Password Policy (FGPP) for additional flexibility over default domain password settings. Unfortunately, FGPP still lacks a... Read More
NIST password standards and requirements
The National Institute of Standards and Technology (NIST) sets the information security standards for federal agencies. Through its Special Publication (SP) 800-series, NIST helps organizations meet regulatory compliance requirements such as HIPAA, and SOX. The recent update to the... Read More
What causes BitLocker Recovery Mode?
This blog will look at the root causes of BitLocker Recovery Mode, and how you can mitigate its impact on the helpdesk with self-service key recovery. Read More