Specops Software Blog

Regular Expressions for Passphrases

As a follow up to our Regular Expressions for password complexity blog post, we’ll look at some of the more interesting things you can do with regular expressions. These are typically (but not necessarily) used in organizations using passphrase... Read More

What to expect during your next penetration test

For some businesses, vulnerability and penetration testing is a deeply-ingrained process that just works. However, for many others, this exercise is less known – arguably a mysterious, if not a downright scary aspect of running an information security program.... Read More

Regular Expressions for password complexity

Specops Password Policy contains a number of granular complexity, history, and dictionary requirements for passwords and utilizes basic C.  However, we cannot always anticipate every customer’s unique password requirements.  In order to give our customers the flexibility to set... Read More

Password dictionary overview and best practice

As long as users continue using common/predictable passwords, dictionary attacks will continue to work. Hackers are not the only ones who can take advantage of password predictability. The best protection against a dictionary attack is using a dictionary during... Read More

How to create a fine-grained password policy in AD

For the first 8 years of Active Directory, the only native way of having multiple password policies in your AD forest, was to have multiple domains. When Windows Server 2008 arrived on the scene, Microsoft introduced the concept of... Read More

O365 attacks continue exploiting your weakest link

With more than 120 million active users, Office (O365) is a frontrunner in the cloud service popularity contest. Consequently, its users are equally popular with hackers. For IT pros, storing data in the cloud means a bigger attack surface,... Read More