Marcus White

Deployment

Security

Technical

Marcus is a Specops cybersecurity specialist based in the UK. He’s been in the B2B technology sector for 8+ years and has worked closely with products in email security, data loss prevention, endpoint security, and identity and access management.

Articles written by Marcus White

Oct

22

How to communicate a new password policy to your end users

Rolling out a new password policy without a communication plan is a recipe for disaster. You want to avoid a situation where all end users are prompted to change their passwords without understanding what they’re doing or why – as…
Read More
Oct

21

NIST password guidelines: Full guide to NIST password compliance

Many look to the National Institute of Standards and Technology (NIST) guidelines as the gold standard when it comes to cybersecurity best practices. But as you’ve likely heard, NIST has updated its password guidelines in the latest draft of their…
Read More
Oct

16

Creating a custom password-exclusion dictionary with ChatGPT

When cybercriminals attempt to crack passwords, it makes sense to go for the lowest hanging fruit. They’re going to start by trying the most common, easy-to-guess passwords, as chances are some end users are bound to have chosen them. So…
Read More
Oct

07

How to set up the key components of a password policy in Active Directory

Once you’ve planned out a new password policy, it’s time to put it into practice by setting the right configurations within your Active Directory. If you’re still at the planning stage, we’d recommend checking out our strategy tips for planning…
Read More
Sep

24

Five strategy recommendations for planning a password policy

An Active Directory full of strong, non-compromised passwords should be an essential cybersecurity goal for every organization. A clearly articulated and enforceable password policy strategy is the best way to put this into practice. However, it's important to tailor your…
Read More
Sep

12

[New research] Are VPN passwords secure? Two million malware-stolen passwords say no.

Today, the Specops research team is publishing new data on VPN passwords that have been stolen by malware. In total, our threat intelligence research team found 2,151,523 VPN passwords that have been compromised by malware over the past year. These…
Read More
Aug

19

How we use Threat Intelligence to find new breached passwords

What makes a good breached password list? Numbers are a good start – the more breached passwords you can cross-reference against your Active Directory, the better. You want to maximize your chances of detecting end users who are using compromised…
Read More
Aug

12

New hires, old problems: How to reduce password risk during onboarding

The first week of a new job always seems to involve plenty of time with the IT team – especially when onboarding remote employees. Setting up hardware, accesses, and passwords is an essential step. One of the first and most…
Read More
Jul

30

How much are weak passwords costing your organization?

Bad passwords can be a direct and indirect financial drain on any organization. They’re often the weakest link in a security chain, allowing hackers easy access to sensitive systems and data. Cyber-attacks and breaches are the obvious risks, but there…
Read More
Jul

16

[New research] Golf takes gold: Appears in over 40K breached Olympic sport passwords

Today, the Specops research team is publishing new data on end users choosing their sporting hobbies as passwords. Inspired by the Paris 2024 Olympic Games, we’ve looked at breached passwords that contain sports from the global sporting event as a…
Read More