The User must change password at next logon setting can be flagged in a couple of different scenarios in Active Directory, including when a user account password has expired, or when an administrator manually sets the flag on an account. Below is an... Read More
Specops Software Blog
Introducing Live Attack Data to Specops Breached Password Protection (plus what passwords you should block right now)
Today, Specops Software released the latest update to its Breached Password Protection list. This release includes, most notably, the addition of passwords observed in real attacks. Prior to this release, Specops Breached Password Protection sources included lists of known... Read More
Pipeline Cybersecurity Initiative best practices
There is no question that ransomware attacks are on the rise. They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel... Read More
Service account security best practices
There are number of privileges and roles granted to Windows users. However, it’s often necessary to restrict roles to specialized accounts called service accounts. These Active Directory (AD) accounts have deeper access to OS infrastructure, making them both handier and higher-priority... Read More
Are password reset solutions still relevant?
In case you haven’t been keeping up with the latest password guidance from noted cybersecurity organizations, it has changed from the traditional advice given regarding password security and password security policies. There are new and better ways to protect and secure account... Read More
Not Even Superheroes Have the Power to Stay Off of Breached Password Lists
Batman or Spiderman? Superman or Thor? Flash or Falcon? The infatuation with and intense debate over Marvel and DC superhero and villain supremacy among comic book aficionados is a year-round musing, but always intensifies during the summer months when the latest flick hits the... Read More
How to meet password requirements for PSN compliance
If you’re applying for a Public Services Network (PSN) compliance certificate, you will need to demonstrate your commitment to security and password protection. In this article we define these requirements and offer some valuable advice and solutions to help... Read More
What is the NCSC guidance on password managers?
To keep our accounts secure across the multiple services that we use, we need to choose strong passwords that are unique for each account or service. Yet, 52% of people reuse the same password for multiple accounts. Remembering multiple strong passwords for perhaps dozens of... Read More
HIPAA compliant password manager
Compliance with industry regulations are extremely important to IT priorities, and cybersecurity. One of the more prominent standards for safeguarding personal data is the Health Insurance Portability and Accountability Act (HIPAA) which provides guidelines for organizations dealing with protected health information (PHI). For sysadmins, compliance with HIPAA requires visibility and technical controls to protect electronic personal health... Read More
What is NIST guidance on password managers?
Today’s end-users are juggling many sets of credentials for accessing critical business resources. To prevent users from writing-down, reusing, or selecting weak but memorable passwords, businesses are turning to password managers. A password manager is an encrypted database used for storing, retrieving, and generating passwords. Enterprise password managers not only improve password security, but also simplify password management... Read More