The password policy guidance from the NHS doesn't stand a chance against today's attacks. With a single breach opening the door to other systems, the NHS needs to stop users from using vulnerable passwords. Read More
Password Policy Management
Pattern-based passwords are not secure – here is how you can block them
Password complexity is believed to increase security, but it can also motivate predictable password patterns. Passwords inspired by adjacent key movements, such as "qwerty" are extremely vulnerable. Read More
Leetspeak passwords – predictable and crackable
Leetspeak enables users to create passwords that are easy to remember, and easy crack. By preventing users from utilizing character substitution during password creation, Specops Password Policy can guide users towards stronger passwords. Read More
Copying data from one attribute to another attribute in Active Directory
We often have customers that want to allow their users to use their mobile device as an identity service for our self-service solutions. By default, we use the ‘mobile’ attribute in AD as it automatically enrolls a user into... Read More
Custom ADMX templates for the Specops Authentication Client with Specops Password Reset
One of the great things about Specops Software solutions is that they are designed to require as little installation effort as possible. This means that our customers can get a system up and running very quickly, usually zero impact... Read More
Regular Expressions for Passphrases
As a follow up to our Regular Expressions for password complexity blog post, we’ll look at some of the more interesting things you can do with regular expressions. These are typically (but not necessarily) used in organizations using passphrase... Read More
Regular Expressions for password complexity
Specops Password Policy contains a number of granular complexity, history, and dictionary requirements for passwords and utilizes basic C. However, we cannot always anticipate every customer’s unique password requirements. In order to give our customers the flexibility to set... Read More
Windows error code 0x800708c5 when resetting a password using ADUC
We recently had a case where a customer saw the following unfriendly message during an administrator password reset against a user. The administrator performed the same reset from another DC in his environment (the same password against the same... Read More
Building a password dictionary: Overview and best practices
As long as users continue using common/predictable passwords, dictionary attacks will continue to work. Hackers are not the only ones who can take advantage of password predictability. The best protection against a dictionary attack is using a dictionary during... Read More
How to create a fine-grained password policy in AD
For the first eight years of Active Directory, the only native way of having multiple password policies in your AD forest, was to have multiple domains. When Windows Server 2008 arrived on the scene, Microsoft introduced the concept of... Read More