The Account Lockout Policy in Active Directory Group Policy sets the number of failed sign-in attempts before a user account is locked out. This can be checked with the AD account lockout status. Once the account is locked out,... Read More
News and Research
Categories
The Force won’t save you from these breached passwords #StarWarsDay
If your colleagues are Star Wars fans, they might be at risk for breached password use. On May the 4th, the unofficial Star Wars fandom holiday, Specops Software investigated which Star Wars themed passwords were most popular in breached... Read More
All About Password Entropy
This article takes a look at the Password Entropy calculation in Specops Password Auditor. What is entropy? Entropy is a concept borrowed from information theory. In the password context, entropy can be summarized as: how many guesses would it... Read More
And the Award for Most Popular Movie Used in Passwords Goes to…
A couple of weeks ago, we revealed the top Major League Baseball team names that are a homerun for hackers in conjunction with Opening Day. With the Oscars just around the corner, we’re refreshing our list to share the... Read More
HIPAA Security Rule Guidance for passwords
There are an alarming number of cyberattacks targeting the healthcare industry. In October 2020, the FBI released a security warning to hospitals and government agencies of an imminent danger of ransomware attacks. Attackers were said to be targeting healthcare... Read More
Weak Windows passwords blamed for recent rise in Purple Fox attacks
Purple Fox is malware that was first discovered in 2018 but has seen a recent rise in proliferation as hackers take advantage of a new attack method: weak passwords used over the SMB protocol. SMB (Server Message Block) is... Read More
German Federal Office for Information Security password guidance
The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, abbreviated as BSI) is an agency responsible for information security for the German federal government. The BSI is also the central certification body for IT systems.... Read More
CNIL password guidance
Data privacy has become a priority for global businesses due to sweeping regulations such as the General Data Protection Regulation (GDPR). At the same time, other regulatory bodies continue to enforce local data privacy laws. In France, for example,... Read More
Using Major League Baseball team names as passwords is a homerun for hackers
The Cincinnati Reds, America’s oldest baseball team, may have one of Major League Baseball’s (MLB) worst pre-season odds to win the World Series, but the team sits alone in first place on Specops’ breached password list. This is according... Read More
Programming your own password filter .dll
Organizations can increase the security of Active Directory passwords by filtering specific passwords from being used in their environment. Password filters help bolster the security protections of Active Directory Password Policy settings by ensuring that end-users cannot use passwords... Read More