Specops Software Blog

number 60 on top of cake

Death of the password? It’s only 60!

We marked our calendars, counting down the months, days, and minutes. Now, the day we’ve all been waiting for is here: the 60th anniversary of the computer password!  Since its beginning in an MIT lab in the fall of... Read More

city street with cars

NYDFS cybersecurity regulation requirements

Financial organizations house a myriad of sensitive customer data, including login credentials, personally identifiable information (PII), and account numbers. With valuable data at stake, the financial services industry repeatedly has the highest cost of cybercrime. As the threat of breaches looms across the industry, and remote work introduces more variables into the cybersecurity equation, it’s clear that... Read More

devices with password requirements

FFIEC password requirements

Cyberattacks often target the financial industry due to the nature of the information they possess. One of the organizations that provide cybersecurity guidance and standards for financial institutions is the Federal Financial Institutions Examination Council (FFIEC). While the FFIEC does not offer specific password characteristics... Read More

banned passwords

Troubleshooting tips for Azure AD banned password list

Not all implementations of Azure AD password protection go smoothly. This blog explores some quirks with the banned password lists, and offers remediation tips related to them.   Understanding the Scoring System  Many teams get tripped up when establishing their password policies in Azure AD and for good reason. First,... Read More

coding with lock

Open ports and their vulnerabilities

One of the age-old tenets of good network security is only open network ports that are necessary and make sure you have protection around any port open to the outside world.    Open ports provide attackers with an opportunity to compromise... Read More

locks highlighted and lined up

Why cached credentials are causing account lockouts

Active Directory user accounts can get locked out due to a number of reasons, especially when working remotely. Windows systems can cache credentials for users. Yet, cached credentials causing account lockouts is a major problem for remote users.   Cached Active Directory credentials  To understand the purpose of... Read More

music notes and password security

Defending Your Network from RockYou2021 

In June 2021, a large data dump was posted to a popular internet hacking forum. This dataset was termed “rockyou2021,” named after the popular password brute-force wordlist known as Rockyou.txt.   Media and Twitter alike were abuzz with what to... Read More