Organizations of all kinds look to regulatory recommendations and standards for guidance on how to best construct a secure password policy for their networks. However, new research shows regulatory password complexity and construction recommendations are not enough. Today, the... Read More
News and Research
Categories
Guide to the PCI-DSS v4.0.1 regulations [Updated for 2025]
The PCI DSS compliance framework has been a staple in the cybersecurity realm for businesses handling credit card transactions. The Payment Card Industry Data Security Standard was developed to encourage and enhance payment card account data security. It helps define consistent security... Read More
Password Managers with AD Integration: What to Look For
Organizations looking to manage passwords beyond the Active Directory password might choose to do so with an enterprise password manager. Organizations that run on Active Directory will have an AD integration at the top of their shopping list. So,... Read More
Celebrate World Password Day with a password audit
May 5, 2022 marks the ninth anniversary of World Password Day, an event created by Intel to raise awareness about the importance of strong passwords. For more than 60 years we have relied on passwords to secure our personal... Read More
Virginia Consumer Data Protection Act
The Virginia Consumer Data Protection Act (VCDPA) was recently signed, making it the second state that has signed a consumer privacy regulation into law. This legislation follows what was implemented in California by way of the California Consumer Privacy... Read More
NIST MFA guidelines
End-user passwords are often the weakest link in IT security, providing the path of least resistance for an attacker looking to penetrate business systems. Users commonly choose easy to remember, and consequently, easy to compromise passwords. In IBM’s Cost... Read More
Forcing a password reset? This new Password Auditor report can help
Today, Specops Software released the latest version of Specops Password Auditor, introducing a new report that will make the lives of IT admins looking to force a password reset a little easier. This release comes in response to last... Read More
Active Directory reversible encryption explained
If you have administered password policies in Active Directory or looked at the local policies present in the Windows client operating system, you may have noticed an interesting setting contained in the Account policies section. The setting is Store... Read More
Attack Recovery: How to Implement a “Reset All AD Passwords” Directive
In light of potential increase in cyberattacks, the White House issued a fact sheet on March 21, 2022, with wide-sweeping cybersecurity recommendations. One recommendation is to reset all passwords, to eliminate the possibility of an unknown leaked credential being... Read More
Nvidia leak shows weak passwords in use [new data]
Cyber-criminal group LAPSUS$ claimed GPU manufacturer Nvidia as one of its latest breach victims at the end of February. The news of the breach made headlines in the past few weeks, including details that employee passwords were leaked. The... Read More