We recently had a case where a customer saw the following unfriendly message during an administrator password reset against a user. The administrator performed the same reset from another DC in his environment (the same password against the same... Read More
Press Release: Specops enables organizations to block leetspeak in passwords
Stockholm, Sweden – April 19, 2018. Specops Software announced today the release of Specops Password Policy 6.8. The release enables IT departments to prevent users from circumventing the password dictionary by using character substitutions, also known as leetspeak. Leetspeak... Read More
Specops password dictionary overview and best practice
As long as users continue using common/predictable passwords, dictionary attacks will continue to work. However, hackers are not the only ones who can take advantage of password predictability. The best protection against a dictionary attack is using a dictionary... Read More
Confessions of an IT admin – O365 implementation experience
For its average user, over a 100 million of them, O365 equals seamless access to corporate data, and a ton of apps. For the IT administrator, it is a bigger attack surface, added complexities, and of course, a few... Read More
Strengthening knowledge-based authentication with graphical passwords
User authentication is a necessary component in any digital security process. Whether it’s a password to an online account, or answering a security question when the password fails, we are all familiar with the verification process carried out via... Read More
How to create a fine-grained password policy in Active Directory
For the first 8 years of Active Directory, the only native way of having multiple password policies in your AD forest, was to have multiple domains. When Server 2008 arrived on the scene, Microsoft introduced the concept of Fine... Read More
O365 attacks continue exploiting your weakest link
With more than 120 million active users, Office (O365) is a frontrunner in the cloud service popularity contest. Consequently, its users are equally popular with hackers. For IT pros, storing data in the cloud means a bigger attack surface,... Read More
Security questions – authenticating with your worst kept secrets
Knowledge based authentication (KBA) is a form of identity verification with secrets only known by the user. Passwords and security questions are the most common forms of KBA. Their familiarity means that they are the primary use case for... Read More
Press Release: Specops enables organizations to comply with password requirements from NIST and NCSC
Stockholm, Sweden – March 7, 2018. Specops Software announced today the release of Specops Password Policy 6.7, which provides customers with a password blacklist to comply with requirements from the National Institute of Standards and Technology (NIST) and National... Read More
How things work: Group Policy Caching
The release of Windows 8.1 and Server 2012 R2 introduced a new Group Policy concept called Group Policy Caching. Its purpose is to reduce the time it takes to perform certain scenarios for synchronous foreground Group Policy refresh. Here’s... Read More