Champneys Eradicate Breached Passwords

Moving Beyond “Basic” Security

Champneys specializes in the art of relaxation and pampering. But for their internal IT staff, Microsoft 365’s native password management was creating stress. Microsoft’s tools lacked the granularity they needed to block predictable passwords comprised of terms related to Champneys and its products. The UI also didn’t give end users any context as to what kind of strong password they should be creating.

After running a scan with Specops Password Auditor, the business decided they wanted a tool that let them tighten their password policies as they saw fit. Anthony Bargery, Chief Technical Officer, explained that they wanted to secure the organization’s passwords with a better user experience: “People want quick access so they can get on with doing their jobs. It’s my job to overcome that apathy and help people create stronger passwords”.

A Flexible, “No-Brainer” Purchase

Champneys needed a solution with a custom dictionary to block specific words related to their brand that didn’t put up user experience roadblocks. After trialing the product for a few months and seeing the power of the granular policy controls, the decision to move forward was described as a “no-brainer”.

Highlights from the purchasing process included:

• Custom Dictionary: The ability to block words related to Champneys has been a standout feature that was not found in other products to the same level. Anthony noted: “It blows my mind that Microsoft don’t have this feature built-in.”
• Knowledgeable Support: The Sales and Systems Engineer teams were described as passionate, patient, and easy to work with.
• Executive Buy-in: By using results from the Specops trial to explain the specific cyber risks to the CEO, it was easy to mitigate concerns and secure approval quickly.
• Simple Deployment: The rollout was completed in just a few weeks.

Zero Breached Passwords

Since deploying Specops Password Policy, the continuous scanning feature has allowed the Champneys team to reach a significant milestone: zero breached passwords currently in their Active Directory. The tool has sparked important conversations with employees about the dangers of password reuse, helping to reinforce Champneys’ internal culture around cybersecurity.

According to Anthony: “How do you know a password is breached unless you check? I can sleep easier at night knowing there are no compromised passwords in our Active Directory. I can’t recommend Specops Password Policy enough.”

What’s Next?

Champneys is not stopping at password policies. The organization is currently pushing forward with Specops uReset to reduce helpdesk reliance for both on-prem and cloud users. In response to the rise of sophisticated AI-driven social engineering attacks, they’re also implementing Specops Secure Service Desk to ensure caller identity verification is foolproof.