MFA Fatigue Attack Improvements, Immediate password sync for hybrid resets & more Specops Authentication is our platform that secures self-service key recovery and password resets, changes and account unlocks with multi-factor authentication (MFA), via self-service and/or at the IT... Read More
Specops Software Blog
Hybrid password attacks: How they work and how to stop them
Cybersecurity measures force threat actors to get creative and come up with new and inventive ways to compromise user credentials. As the name suggests, hybrid password attacks involve combining two or more attack methods to carry out password cracking.... Read More
Never expire passwords? Why we shouldn’t ditch password expiry just yet.
Resetting passwords via service desk tickets and support calls is an everyday burden on IT teams. Users are equally frustrated when the ‘time to change your password’ notification pops up during a busy work day – especially when they... Read More
Update to GLBA safeguards rule: What you need to know
Financial institutions are at the forefront of cybersecurity challenges due to the sensitive nature of the data they handle. As the frequency and sophistication of cyberattacks increase, so does the need for robust regulatory safeguards, requiring organizations to bolster... Read More
[New Data] Block These Top Keyboard Walk Patterns Found in Compromised Passwords
Keyboard Walk “Qwerty” Found in Compromised Passwords More than 1 million times Today, the Specops research team is sharing the results of their latest findings on the use of keyboard walk patterns in compromised passwords. The release of these... Read More
How does a brute force password attack work?
Compromising login credentials is the goal of many modern cyber-attacks. If successful, they can result in the worst types of data breaches, especially when high-level accounts are breached. One of the oldest and most common methods for guessing a... Read More
Active Directory honeypot accounts: How to keep attackers sweet
Monitoring and detecting account compromise is one of the most challenging tasks for IT admins and SecOps professionals. Once a legitimate account has been compromised, it can be difficult to detect an attacker’s activities until it’s too late and... Read More
Kerberoasting attacks: How to keep your Active Directory safe
A domain administrator account is the holy grail of privileged accounts in a Microsoft Active Directory environment. If an attacker can get their hands on a Domain Administrator account in the domain, they’ll have access to basically everything. Kerberoasting... Read More
Active Directory password hardening: How it’s done
Weak passwords are a problem waiting to happen – Verizon estimates that 80% of hacking-related breaches come from weak or stolen passwords. They’re the most common way for people to access their accounts and applications, making them an obvious... Read More
MFA prompt bombing: How it works and how to stop it
User credentials are golden prizes for attackers. Weak or breached credentials provide an easy target for attackers looking to log in to a network instead of breaking in. Most businesses have caught on to the fact that multi-factor authentication... Read More