For some businesses, vulnerability and penetration testing is a deeply-ingrained process that just works. However, for many others, this exercise is less known – arguably a mysterious, if not a downright scary aspect of running an information security program....
Blog
Regular Expressions for password complexity
Specops Password Policy contains a number of granular complexity, history, and dictionary requirements for passwords and utilizes basic C. However, we cannot always anticipate every customer’s unique password requirements. In order to give our customers the flexibility to set...
Using Firefox Enterprise GPOs to Enable Windows Integrated Authentication to Specops Websites
Mozilla recently launched Firefox 60, which now includes official support for configuration via Active Directory Group Policies. For customers using Specops uReset, Specops Authentication, or Specops Password Reset, this means you can now set up your Firefox users to...
Windows error code 0x800708c5 when resetting a password using ADUC
We recently had a case where a customer saw the following unfriendly message during an administrator password reset against a user. The administrator performed the same reset from another DC in his environment (the same password against the same...
Press Release: Specops enables organizations to block leetspeak in passwords
Stockholm, Sweden – April 19, 2018. Specops Software announced today the release of Specops Password Policy 6.8. The release enables IT departments to prevent users from circumventing the password dictionary by using character substitutions, also known as leetspeak. Leetspeak...
Building a password dictionary: Overview and best practices
As long as users continue using common/predictable passwords, dictionary attacks will continue to work. Hackers are not the only ones who can take advantage of password predictability. The best protection against a dictionary attack is using a dictionary during...
Confessions of an IT admin – O365 implementation experience
For its average user, over 100 million of them, O365 equals seamless access to corporate data, and a ton of apps. For the IT administrator, it is a bigger attack surface, added complexities, and of course, a few...
How to create a fine-grained password policy in AD
For the first eight years of Active Directory, the only native way of having multiple password policies in your AD forest was to have multiple domains. When Windows Server 2008 arrived on the scene, Microsoft introduced the concept of...
O365 attacks continue exploiting your weakest link
With more than 120 million active users, Office 365 (O365) is a frontrunner in the cloud service popularity contest. Consequently, its users are equally popular with hackers. For IT pros, storing data in the cloud means a bigger attack surface,...
Security questions – authenticating with your worst kept secrets
Knowledge-based authentication (KBA) is a form of identity verification that asks users to answer a “secret” to prove their identity before accessing a system. Passwords and security questions are the most common forms of KBA. Their familiarity means...