Specops Password Policy 7.8 – Automate Breached Password Protection Express updates via Cmdlets & more

Today we’ve released the latest version of our Active Directory password management solution, Specops Password Policy 7.8.

In this post, we’ll take a look at what’s new:

  • New cmdlets for updating the Breached Password Protection Express list
  • New BCC option for emails sent from Specops Password Policy
  • New status info available on the Specops Password Policy Sentinel Service
  • And more

New: Automate Breached Password Protection Express updates via Cmdlets

In this release, we’ve added new cmdlets for updating the Breached Password Protection Express list. The Express list is used to provide immediate feedback at password change as well as nightly breached password scanning.

The Express list is updated a few times a year and requires some manual action by administrators to deploy the new lists.

This release introduces two new cmdlets that can make those manual actions easier and even, with the help of scheduled tasks, eliminate the manual load:

  • Get-PasswordPolicyBppExpressList – This cmdlet gets the status of the BPP Express list to determine if there is an update available online.
  • Update-SppBppExpressList – This cmdlet updates the BPP Express list if there is an update available online.

Here’s what a scheduled task using these new cmdlets to automate the Express list updates could look like:

Scheduling the Update-SppBppExpressList cmdlet to check and update the list daily via the Task Scheduler

When using the Update-SppBppExpressList cmdlet, no action will be taken if the list is already up to date. Read more about how to set up your own scheduled task in this Knowledge Base article.

Don’t have our Breached Password Protection service configured? Reach out to get details on how to add this ability to block over 4 billion unique compromised passwords to Specops Password Policy.

New: Add a BCC Recipient to Password Expiration or Breached Password Notification Emails

In this release, we’ve added the ability to configure bcc recipients for password expiration and breached password notification emails within Specops Password Policy.

Adding an email address to the Email notification BCC field in Specops Password Policy 7.8

Whether customers are trying to discourage a “reply all” on these emails or simply prefer to keep the other recipients or distribution lists receiving that email private, upgrading to Specops Password Policy 7.8 will enable this feature.

New: More Information about the Sentinel Service Status Viewable in Domain Admin Tools

The Specops Password Policy Sentinel Service is the component that runs the Breached Password Protection checks, among other tasks. With this release, we’ve made it easier to see the status of the Sentinel Service from the Domain Administration Tools.

More details shown on the Password Policy Sentinels screen in Specops Password Policy 7.8

The information available for the Sentinel Service in this view includes a prompt to update the Service when it is out of date and a “stopped” status for when the service has stopped running.

More improvements and fixes

More improvements and fixes including some language setting consolidation, usability improvements and more can be found in the release notes.

If you are an existing Specops Password Policy customer, you can find upgrade instructions here. If you have questions about upgrading, please contact support.

See how Specops Password Policy can help

If you’re interested in seeing a demo of the latest Specops Password Policy or have questions about how you can block over 4 billion compromised passwords with Breached Password Protection, contact us.

(Last updated on April 4, 2023)

Back to Blog