Specops encourages longer passwords with length-based password aging
(Last updated on September 26, 2019)
Stockholm, May 15, 2019 – Specops Software announced today the release of Specops Password Policy 7.1. The release introduces length-based password aging which correlates the password expiration period with the length of the password – the longer the password, the longer the expiration period.
This feature promotes longer passwords by loosening frequent password changes when the user exceeds the minimum password length. This enables organizations to follow the latest National Institute of Standards and Technology (NIST) recommendation to avoid periodic password expirations.
“NIST calls for the removal of periodic password expirations due to negative effects on users and security,” said Lori Osterholm, CTO at Specops Software. “However, removing password expiry can leave an organization exposed to a security breach if the password is compromised. With the introduction of length-based password aging, organizations can strike the right balance between security and usability.”
The release also enhances the Specops Password Blacklist service with a downloadable version of the most commonly leaked passwords, aggregated from the hosted service. During a password change in Active Directory, the service can block and provide immediate feedback to users if the chosen password appears on the downloaded version of the password blacklist. Specops Password Blacklist includes billions of previously leaked passwords, compiled from various leaked lists, including the latest Collection 1 leak. When used together with length-based password aging, organizations can further relax their password expiration frequency.
“A strong password does not need to be changed frequently, but it should not be used indefinitely unless you can ensure that it is not leaked,” said Osterholm. “This release allows organizations to take a smarter approach to password security while promoting better password practices for users.”
For more information on how Specops Password Policy combines password blacklisting and length-based password aging to increase password security click here.
About Specops Software
Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Every day thousands of organizations use Specops Software to protect business data.