Encouraging the employees in your organization to make use of the enterprise password manager which your organization has secured means that protecting access to their password manager vaults is of upmost importance.
How should you secure it?
A common implementation for businesses is to integrate Active Directory with their password manager. This allows for seamless onboarding and offboarding as administrators can utilize existing Active Directory functionality to grant and remove access.
The other piece of the integration is to utilize the Active Directory password as the master password. Many organizations choose this path to enforce additional security measures for that main master password.
If you’re using an enterprise password manager today, you can use Specops Password Policy to enforce the following measures on the master password.
- Prevent the use of over 2 billion leaked passwords
- Block the use of any word relevant to your organization via a custom dictionary
- Block Active Directory usernames, incremental passwords, display names, consecutive characters and more
- Dynamic feedback on password change and friendly end-user messaging
With Specops Password Policy, you can easily enforce compliance requirements, block dictionary words, and help users create stronger passwords. Specops Password Policy extends the functionality of Group Policy, and simplifies the management of fine-grained password policies. The solution can target any GPO level, group, user, or computer with dictionary and passphrase settings. Together with Breached Password Protection, you can also block the use of over 2 billion compromised passwords.