After a confirmed or even suspected security breach it may be advised to have all users change their passwords. In this post we’ll review how to confirm if users have changed their passwords and how to force users to complete... Read More
The Most Common Football Team Names Found in Breached Passwords
STOCKHOLM – If the Superbowl winner could be predicted by breached password lists, the Los Angeles Rams would be this season’s winner. Today, Specops Software released an update to the Breached Password Protection list and of a recent analysis of sports-related compromised passwords. “With the NFL season beginning in the... Read More
Specops Password Policy comparison and price
In the market for a third-party password policy solution? If an audit has revealed poor password practices, you may look to Microsoft Fine-Grained Password Policy (FGPP) for additional flexibility over default domain password settings. Unfortunately, FGPP still lacks a... Read More
The NCSC revises Cyber Essentials but keeps its password guidance
The NCSC recently announced revisions to the Cyber Essentials scheme, including annual expirations on certificates. Yet, there are no plans to update technical controls, such as the password policy requirements. What does this mean for your organisation? Read More
How to configure password expiration notifications
When it comes to notifying users that their passwords are going to expire soon, more communication is always better. Users do not enjoy the password change process; keeping them informed as to when their password will expire is a great... Read More
PCI compliance requirements in the UK
In 2018, criminals successfully stole £1.3 billion through fraud and scams. Now more than ever, businesses that processes cardholder data look to the Payment Card Industry Data Security Standard (PCI DSS) for security recommendations. PCI DSS is a set... Read More
NIST password standards and requirements
The National Institute of Standards and Technology (NIST) sets the information security standards for federal agencies. Through its Special Publication (SP) 800-series, NIST helps organizations meet regulatory compliance requirements such as HIPAA, and SOX. The recent update to the... Read More
ASD password policy best practices
Australian businesses are juggling as many as 85 different passwords. To take greater control of their password security, they must look to the Australian Cyber Security Centre (ACSC) for guidance. The ACSC is the nation’s leading agency on cyber security. The ACSC is hosted by the Australian Signals... Read More
How to enforce password complexity in O365?
As organizations move data to the cloud, strong password policies have never been more important. Here is how to use the on-premises Active Directory to enforce password complexity in O365. Read More
CJIS Password Policy Requirements
The Criminal Justice Information Services Division (CJIS) is a division of the FBI that provides a number of tools and services to law enforcement agencies around the country. It is also the central repository for Criminal Justice Information (CJI),... Read More