Specops encourages longer passwords with length-based password aging
Stockholm, May 15, 2019 – Specops Software announced today the release of Specops Password Policy 7.1. The release introduces length-based password aging which correlates the password expiration period with the length of the password – the longer the password, the longer the expiration period.
This feature promotes longer passwords by loosening frequent password changes when the user exceeds the minimum password length. This enables organizations to follow the latest National Institute of Standards and Technology (NIST) recommendation to avoid periodic password expirations.
“NIST calls for the removal of periodic password expirations due to negative effects on users and security,” said Lori Osterholm, CTO at Specops Software. “However, removing password expiry can leave an organization exposed to a security breach if the password is compromised. With the introduction of length-based password aging, organizations can strike the right balance between security and usability.”
The release also enhances the Specops Password Blacklist service with a downloadable version of the most commonly leaked passwords, aggregated from the hosted service. During a password change in Active Directory, the service can block and provide immediate feedback to users if the chosen password appears on the downloaded version of the password blacklist. Specops Password Blacklist includes billions of previously leaked passwords, compiled from various leaked lists, including the latest Collection 1 leak. When used together with length-based password aging, organizations can further relax their password expiration frequency.
“A strong password does not need to be changed frequently, but it should not be used indefinitely unless you can ensure that it is not leaked,” said Osterholm. “This release allows organizations to take a smarter approach to password security while promoting better password practices for users.”
For more information on how Specops Password Policy combines password blacklisting and length-based password aging to increase password security click here.
About Specops Software
Specops Software is the leading provider of password management and authentication solutions. Specops protects your business data by blocking weak passwords and securing user authentication. With a complete portfolio of solutions natively integrated with Active Directory, Specops ensures sensitive data is stored on-premises and in your control. Every day thousands of organizations use Specops Software to protect business data.
The release of Specops uReset 8.0 introduces compatibility with the Specops Password Blacklist service, enabling real-time feedback if a new password appears on the blacklist.Read More
Stockholm, Sweden – November 14, 2018. Specops Software announced today a new release of Specops Authentication for Office 365 (O365). The release introduces self-service password reset functionality by using the common dynamic multi-factor authentication (MFA) engine. The release also introduces Efos for SITHs cards in Sweden, fail over capability, and new languages to the user interface…Read More
IT departments can now use Specops Password Blacklist, a hosted service with a continuously updated list of leaked passwords, to prevent users from utilizing high-risk passwords.Read More