Block weak passwords
Need a comprehensive list of vulnerable passwords to prevent dictionary attacks? Our password policy tool gives you many options. You can use a password dictionary, a file containing commonly used and/or compromised passwords, to prevent users from creating passwords susceptible to dictionary attacks. During a password change in Active Directory, the password check rejects any passwords found in the dictionary. Create a custom dictionary containing potential passwords relevant to your organization, including company name, location, services, and relevant acronyms.Read More
With the Breached Password Protection add-on, you can even block the use of more than 3 billion compromised passwords including those found on known breached lists as well as passwords being used in attacks happening right now.
Create compliant password policies
Simplify passwords for users and place the burden on authentication systems. It has never been easier to comply with regulatory password recommendations from NIST, CJIS, NCSC, ANSSI, CNIL, BSI, HITRUST, PCI and more. With compliance driven templates, and a reporting tool to ensure they match or exceed regulatory standards, Specops Password Policy makes compliance a breeze.Read More
Do you know how your existing password policies compare to best practices? For each password policy, you can drill down and see how the settings compare to various industry standards. Measuring your policies against industry recommendations can help safeguard your organization against common password-related attacks, including brute-force, rainbow table, and dictionary attacks.
Target password entropy
Specops Password Policy enforces password length and complexity while blocking common character types at the beginning/end of passwords, as well as consecutively repeated characters. To help users create stronger passwords they can actually remember, the solution also supports passphrases.Read More
Password attacks work because users are predictable. When asked to create a complex password, users follow familiar patterns. This means starting with a common word, followed by a number and/or special character. The length of the password is an effective defense. Passphrases, a combination of words that are meaningless together, are easier to remember and harder to crack.
Sound like a good fit?Get in Touch
- Custom dictionary lists to block words common to your organization
- Prevent the use of more than 3 billion compromised passwords with Breached Password Protection which includes passwords found on known breached lists as well as passwords being used in attacks happening right now
- Find and remove compromised passwords in your environment
- Informative end-user client messaging at failed password change that reduces calls to the helpdesk
- Real-time, dynamic feedback at password change with the Specops Authentication client
- Length-based password expiration with customizable email notifications
- Block user names, display names, specific words, consecutive characters, incremental passwords, and reusing a part of the current password
- Granular, GPO-driven targeting for any GPO level, computer, user, or group population
- Passphrase support
- Over 25 languages supported including English, French, German, Spanish, Russian and Chinese
- Use Regular Expressions to further customize requirements
Easy and Intuitive to Use
Try it for FREE, today!
Please fill in your information to start your free trial. All fields are mandatory.
Frequently Asked Questions
A strong password policy encourages unique passwords that are hard to guess. A strong Active Directory Password Policy protects the network from unauthorized access.
Best practices for Active Directory passwords will mirror those of The National Institute of Standards and Technology (NIST), which sets the security standards for data protection. NIST requires, among several things, screening new passwords against a list of known compromised passwords.
A weak password policy in Active Directory does not disallow commonly used words nor does it block known breached passwords.
Active Directory does not check for breached passwords out-of-the-box. With some configuration, Administrators can check Active Directory passwords against the Have I been Pwned password list.
The fine-grained password policy in Active Directory is not compliant with the NIST password requirements. With a third-party tool like Specops Password Policy, system admins can easily enforce a password policy that is compliant with NIST.
Allows our users to be autonomous
“Specops is a very complete solution that has largely fulfilled its objectives within our company. Thanks to this solution our users are totally autonomous to change their passwords”
The Strongest Password Tool Ever!!!
“It has a lot of good features that you configure to make policy strongest. And it’s very good buy this tool with express list API very useful to assign your policy with external data breach list.”
Easy, fast to deploy, immediate return of investment
“Deployed to 400 users in one hour with help of support. Support was really helpful, and whole process from testing to buying was fast & convincing.”
Introducing Live Attack Data to Specops Breached Password Protection (plus what passwords you should block right now)
Microsoft MVP review on 4sysops.com
Timothy Warner, “If your Active Directory password policy isn’t flexible enough for you, then I suggest you give Specops Password Policy a try.”Full Review
Gold Award on Techgenix.com!
Brien Posey, “I found the software to be stable, reliable, and very responsive. I did not encounter any bugs during my review, and the software was intuitive to the point that I was able to use it without ever looking at the instructions or calling tech support.”Full Review
East Ayrshire Council blocks weak passwords
When the annual audit revealed weak password use among 6000 employees, East Ayrshire Council implemented Specops Password Policy to enforce stronger passwords.Read More