End-user passwords are often the weakest link in IT security, providing the path of least resistance for an attacker looking to penetrate business systems. Users commonly choose easy to remember, and consequently, easy to compromise passwords. In IBM’s Cost... Read More
Specops Software Blog
2022-2023 NIST 800-63b Password Guidelines and Best Practices
The most basic form of authentication is the password. Despite many advancements in cybersecurity, the username and password, although outdated, are still used as the most common form of authentication today. Enterprise environments have long used password policies to... Read More
Password Policies and Guidelines
Using a password policy is an important part in enhancing your organization’s password security. Cyberattacks continue to explode around the world with a variety of techniques to compromise corporate passwords. To defend against these attacks, organizations employ password policies... Read More
Forcing a password reset? This new Password Auditor report can help
Today, Specops Software released the latest version of Specops Password Auditor, introducing a new report that will make the lives of IT admins looking to force a password reset a little easier. This release comes in response to last... Read More
Active Directory reversible encryption explained
If you have administered password policies in Active Directory or looked at the local policies present in the Windows client operating system, you may have noticed an interesting setting contained in the Account policies section. The setting is Store... Read More
PowerShell Scripts to Force Password Change for All Users After a Security Incident
After a confirmed or even suspected security breach it may be advised to have all users change their passwords. In this post we’ll review how to confirm if users have changed their passwords and how to force users to complete... Read More
Attack Recovery: How to Implement a “Reset All AD Passwords” Directive
In light of potential increase in cyberattacks, the White House issued a fact sheet on March 21, 2022, with wide-sweeping cybersecurity recommendations. One recommendation is to reset all passwords, to eliminate the possibility of an unknown leaked credential being... Read More
Nvidia leak shows weak passwords in use [new data]
Cyber-criminal group LAPSUS$ claimed GPU manufacturer Nvidia as one of its latest breach victims at the end of February. The news of the breach made headlines in the past few weeks, including details that employee passwords were leaked. The... Read More
New Specops Report Reveals Passwords Are Weakest Link For Networks
Organizations’ current password usage and policies leaving businesses and employees vulnerable to cyberattacks Stockholm, March 8, 2022 — Password-related attacks are on the rise. Stolen user credentials including name, email and password were the most common root cause of... Read More
How to delegate password reset permissions in Active Directory
Least privilege access is a crucial part of security that protects against overprovisioning user permissions. Even with IT technicians, and junior administrators, this needs to be considered when configuring permissions in the environment. A case in point is helpdesk... Read More