Specops Password Policy
Get serious about password security with technology that helps you enforce best practices.
Specops Password Policy helps you increase password security in your Active Directory environment. You can use Specops Password Policy to enforce password rules, meet compliance requirements and help users select stronger passwords. Specops Password Policy extends the functionality of Group Policy and allows you to configure a different set of rules for different types of users.
Specops Password Policy is a component of the Specops Password Management solution. Specops Password Management addresses both security and flexibility needs by enabling organizations to reach their appropriate level of security across multiple target systems while greatly reducing IT support costs through self-service, accessible anytime, and from any device.FREE TRIAL
- Reviews and Resources
- Related Products
Enforce strong Active Directory password policies
Specops Password Policy is customizable – allowing you to apply various requirements and/or restrictions to create the level of complexity required for your organization. Specops Password Policy can be configured to use classic password rules, and/or passphrase, which can be applied to all users or some users. For example, users with access to sensitive information can be assigned a policy that enforces password complexity while users with little or no access to sensitive information can be assigned a less restrictive password policy. This allows your organization to meet password-related regulatory requirements in a quick and cost-effective manner.
Block dictionary lists
Specops Password Policy allows you to add, configure, and remove password lists and password hash lists. The lists are checked each time there is a password change in Active Directory. By blocking passwords that have made it onto the lists, you increase password security by forcing users to select stronger passwords. Additionally, as new lists emerge, you can react quickly and prevent threats with the list import capability. Options include creating own custom list, importing an online dictionary list or using a Specops provided list including Gawker (over 180,000 password hashes), LinkedIn (6.5 million passwords) and Adobe (top 100 passwords).
Most legacy systems don’t support passwords greater than eight characters. Specops Password Policy’s passphrase support overcomes this limitation and gives you the flexibility to increase password length to, for example, 20 characters. You can now create powerful, yet simple password policy: if the password is shorter than the minimum length set in the passphrase options, the standard length and complexity rules apply – if not, the passphrase requirements kick in.
Scan password policies
To address the emergence of new threats, password policies should be continually visited. Specops Password Policy enables you to scan your Active Directory polices and gauge password strength using best practices and industry standards including NIST and PCI. The tool can also detect vulnerabilities such as stale admin accounts, accounts that do not require passwords, accounts without password complexity and accounts with expiring/expired passwords to help IT anticipate potential lockouts/password resets.
- Multi-language support
- Custom and online password dictionary lists and password hash dictionaries
- Informative client messages when a user fails to meet Password Policy rules
- Password expiration email notifications
- Policies that are complex enough to meet the needs of end users based on business roles
- Forbids user names, display names, specific words, consecutive characters and incremental passwords
- Passphrase support
- Scan for actionable Active Directory policy insights – expired passwords, stale accounts, weak/non-compliant policies
3rd Party Product Reviews
5/5 rating and Gold Award on WindowSecurity.com!
Richard Hicks, “Specops Password Policy is an essential tool that can be leveraged by organizations large and small to greatly improve their overall security posture by granularly enforcing password policies across the enterprise. The tool is very easy to use, installs quickly, and leverages existing Windows administration procedures to implement fine-grained password policies.”
Specops Password Policy – Enterprise password security on 4sysops.com
Timothy Warner, “Specops Password Policy can target any GPO level, computer, user, or group population and has the added benefit of expanded password policy options, including the use of passphrases.”