How to create a fine-grained password policy in AD

For the first 8 years of Active Directory, the only native way of having multiple password policies in your AD forest, was to have multiple domains. When Server 2008 arrived on the scene, Microsoft introduced the concept of fine-grained... Read More

New MFA requirements for PCI password compliance

The Payment Card Industry Data Security Standard (PCI DSS) regulates security practices to protect cardholder data. Password compliance plays an important role in the PCI standards by dictating password complexity to strengthen defense against unauthorized access. New requirements coming... Read More

The role of passwords in HIPAA compliance

Healthcare is a high value target for hackers given the nature of the data and its poor security stance – ranking the sixth lowest, in security performance across industries. Passwords are the first line of defense against cyberattacks and... Read More

password entropy

Comparing the strength of different password policies

This article dives deep into the math that is hidden behind the Relative Password Policy Strength in Specops Password Auditor. Bring your combinatorics book and strap in for a math lesson. Relative Password Policy Strength The password policy strength... Read More

Penetration test exposes poor password habits

With threats to your environment emerging on regular basis, your organisation is more susceptible to attacks than ever before. Early detection of vulnerabilities can help you understand what can be compromised, and how you can prevent it. Penetration testing... Read More

PCI password security checklist

PCI password security checklist

The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that were developed to protect card information during and following a financial transaction. The PCI  DSS applies to any merchant or service provider that handles,... Read More