[New research] Top malware hackers use to steal your end-users’ passwords

A recent study of 359 million stolen passwords over the past six months has revealed the most common types of malware used to obtain login information. The analysis shows that a specific type of malware, known as Redline, was responsible for almost 50% of the stolen passwords.

This emphasizes the danger of reusing passwords and the prevalence of these compromised credentials being sold on the dark web. If employees use the same passwords for work and on vulnerable websites or devices, it could lead to compromised passwords within your Active Directory and other platforms such as Entra iD and Okta if password syncing is enabled.

It is essential to regularly scan your Active Directory for any compromised or breached passwords. Block compromised passwords and more with Specops Password Policy. Get a demo to see how!

Chart: Top Malware Password Stealing Specops Research

After decades of end user training, passwords are still a problem for IT teams and a weak point in many organization’s cybersecurity strategies. A huge amount of cybercrime still focuses on passwords: stealing credentials, selling them on, and using them as an initial access point for breaching organizations. Verizon estimates stolen credentials are involved in nearly half (44.7%) of all data breaches, and we know there’s a thriving underground marketplace for stolen data and credentials.

– Darren James, Sr. Product Manager

Better Password Security in Active Directory with Specops Password Policy

Enforce a stronger Active Directory password policy  that meets compliance requirements from NIST, HIPAA and more with Specops Password Policy. Plus, continuously block over 4 billion unique compromised passwords, and help users create stronger passwords in Active Directory with dynamic, informative client feedback. Specops Password Policy extends the functionality of Group Policy, and simplifies the management of fine-grained password policies. 

The solution can target any GPO level, group, user, or computer with dictionary and passphrase settings. 


Please fill in your information and a password security expert will get in touch with you for scheduling. All fields are mandatory.


Create Compliant Password Policies

Simplify passwords for users and place the burden on authentication systems. It has never been easier to comply with regulatory password recommendations from NIST, CJIS, NCSC, ANSSI, CNIL, BSI, HITRUST, PCI and more. With compliance driven templates, and a reporting tool to ensure they match or exceed regulatory standards, Specops Password Policy makes compliance a breeze.

Do you know how your existing password policies compare to best practices? For each password policy, you can drill down and see how the settings compare to various industry standards. Measuring your policies against industry recommendations can help safeguard your organization against common password-related attacks, including brute-force, rainbow table, and dictionary attacks.

Block Weak Passwords

Need a comprehensive list of vulnerable passwords to prevent dictionary attacks? Our password policy tool gives you many options. You can use a password dictionary, a file containing commonly used and/or compromised passwords, to prevent users from creating passwords susceptible to dictionary attacks. During a password change in Active Directory, the password check rejects any passwords found in the dictionary. Create a custom dictionary containing potential passwords relevant to your organization, including company name, location, services, and relevant acronyms. 

With the Breached Password Protection add-on, you can even block the use of more than 4 billion compromised passwords including those found on known breached lists as well as passwords being used in attacks happening right now

Target Password Entropy

Specops Password Policy enforces password length and complexity while blocking common character types at the beginning/end of passwords, as well as consecutively repeated characters. To help users create stronger passwords they can actually remember, the solution also supports passphrases.

Password attacks work because users are predictable. When asked to create a complex password, users follow familiar patterns. This means starting with a common word, followed by a number and/or special character. The length of the password is an effective defense. Passphrases, a combination of words that are meaningless together, are easier to remember and harder to crack.

5 stars

Easy and Intuitive to Use

If you are looking to strengthen passwords in Active Directory, you should definitely consider using Specops Password Policy. It’s easy and intuitive to use, and works as advertised.

Vlatko Kosturjak
Source: Help Net Security

Customer Reviews

Allows our users to be autonomous

Specops is a very complete solution that has largely fulfilled its objectives within our company. Thanks to this solution our users are totally autonomous to change their passwords”

5 stars

The Strongest Password Tool Ever!!!

“It has a lot of good features that you configure to make policy strongest. And it’s very good buy this tool with express list API very useful to assign your policy with external data breach list.”

5 stars

Easy, fast to deploy, immediate return of investment

“Deployed to 400 users in one hour with help of support. Support was really helpful, and whole process from testing to buying was fast & convincing.”

5 stars

Additional Resources​