Many organizations now have a large remote workforce. Servicing this user base has a certain set of logistical and security challenges. One of these challenges includes securely setting and delivering an initial password for remote onboarding of new hires.... Read More
Blog
Categories
[New research] Not so temporary: Most commonly breached new hire passwords
Today, the Specops research team is publishing new data on the most commonly breached new account passwords. We’ve looked at breached passwords that are likely to have been intended as temporary passwords, some of which could have been used... Read More
Specops Software Introduces First Day Password to Secure Employee Onboarding
Today, Specops Software is announcing the release of a new offering to help secure passwords set as part of the employee onboarding process. With First Day Password, organizations will be able to say goodbye to insecure methods of sharing... Read More
Why use passphrases over passwords? | Passphrase best practice guide
A passphrase is a password; it’s simply one that’s made up of random whole words (usually, three, or four). So if a passphrase is just a password, why does it matter which one we enforce end users to create?... Read More
Best practice guide for rolling out Specops Password Policy
Rolling out a new password policy without a plan is a recipe for disaster. You want to avoid a situation where all end users are prompted to change their passwords at the exact same time – triggering chaos for... Read More
Secured your Active Directory? EASM is your next password security step.
It’s important to lock down the basics first when it comes to cybersecurity. You could purchase a state-of-the-art security system for your house – but it’s still going to be targeted by criminals if you leave the doors and... Read More
[New research] The top malware hackers use to steal your users’ passwords
Today, the Specops research team is publishing new data on the types of malware hackers are using to steal passwords and sell them on the dark web. This coincides with the latest addition of over 48 million compromised passwords... Read More
Password security vs user experience: Four ways to make end users love password security (or at least tolerate it).
When end users find their organization’s security measures burdensome or frustrating, it can significantly increase the risk of insider threats. Gartner revealed that 69% of employees have disregarded their organization’s cybersecurity guidance in the past year. This doesn’t mean... Read More
Six attack paths in Active Directory and how to remediate them
One of the crown jewels for an attacker who infiltrates an enterprise environment is Active Directory Domain Services (AD DS). There are several attack paths the “blue team” needs to remediate to bolster the security of Active Directory. Remediating... Read More
How an ex-employee’s leaked credentials led to a U.S. State Government breach
A U.S. State Government organization’s network was recently compromised through a former employee's administrator account. The organization itself is unnamed, but we know that the threat actor successfully authenticated into an internal virtual private network (VPN) access point using... Read More