This expansion coincides with the publication of the 3rd annual Specops Breached Password report. Today, Specops Software announced the addition of a new source of compromised password data for the Specops Breached Password Protection service used by Specops Password... Read More
Blog
Categories
What is cybersquatting and how can you protect your brand?
Impersonation fraud is one of the biggest threats facing today’s businesses — and the threat continues to grow. In fact, the US Federal Trade Commission reports that impersonation attacks, which includes misleading domain names (also known as cybersquatting), are increasing... Read More
Specops Authentication: What We Added in H2 2023
Support for Kerberos Integrated Authentication, Improved Fatigue Attack Prevention, New Identity Service & More Specops Authentication is our platform that secures self-service key recovery and password resets, changes and account unlocks with multi-factor authentication (MFA), via self-service and/or at... Read More
Microsoft transitions NTLM to Kerberos in Windows to boost security
Windows authentication is a process that’s been around for decades. Unsurprisingly, attackers often target this authentication mechanism, preying upon weaknesses and vulnerabilities as they crop up. To help secure Windows authentication, Microsoft recently announced it was deprecating reliance on... Read More
Holiday season cyber threats: Is your service desk prepared?
Cybercriminals strategically time their attacks for when cyber defenses are most vulnerable. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have noticed a significant increase in ransomware attacks against US companies during holidays and weekends.... Read More
Nine ways MFA can be breached (and why passwords still matter)
Of all the access security recommendations you come across, multi-factor authentication (MFA) is arguably the most consistent. And there’s good reason many best practice recommendations and compliance frameworks now place MFA at the top of the list of security... Read More
[New research] How tough is bcrypt to crack? And can it keep passwords safe?
Earlier this year, the Specops research team published data on how long it takes attackers to brute force MD5 hashed user passwords with the help of newer hardware. Now we’ll be putting the bcrypt hashing algorithm to the test,... Read More
How to force password changes at next logon in Entra ID (formerly Azure AD)
Entra ID (formerly Azure AD) is the central component for identity and access management in Microsoft Azure, and by extension, Microsoft 365. Managing users and passwords for organization accounts requires understanding how Entra ID (formerly Azure AD) handles password... Read More
Aligning password policies with cybersecurity KPIs
As an IT pro, you’re tasked with measuring (and ultimately proving) the value of your cybersecurity investments. But how do you show that your security efforts and expenditures have the desired effect? One way is by aligning your cybersecurity... Read More
Password reuse: A hidden danger you can’t ignore
Reusing passwords is common, despite years of warnings to end users. It’s a problem that’s difficult for IT teams to get a handle on, especially if people are reusing work passwords at home. This means a breach elsewhere can... Read More