• News
  • Interviews
  • Articles
  • Podcasts
  • Insights
    • Future Ready
    • Guest Post
    • Use Cases
    • Events
  • Quick Bytes
  • RESOURCES
Sign in
Welcome!Log into your account
Forgot your password?
Privacy Policy
Password recovery
Recover your password
Search
Sunday, May 28, 2023
Sign in
Welcome! Log into your account
Forgot your password? Get help
Privacy Policy
Password recovery
Recover your password
A password will be e-mailed to you.
ITSECURITYWIRE FAVCON ITSECURITYWIRE FAVCON ITSecurityWire
  • News
  • Interviews
  • Articles
  • Podcasts
  • Insights
    • Future Ready
    • Guest Post
    • Use Cases
    • Events
  • Quick Bytes
  • RESOURCES
Home News SpyCloud Strengthens Active Directory Guardian with New Password Filter
  • News

SpyCloud Strengthens Active Directory Guardian with New Password Filter

By
ITsec Bureau
-
February 12, 2021
41
SpyCloud Strengthens Active Directory Guardian with New Password Filter

SpyCloud, known for its unique anti-fraud platform powering account takeover prevention and fraud investigations solutions, today announced it has added a new password filter feature to SpyCloud Active Directory Guardian.

With dozens or hundreds of online logins to manage, people often take shortcuts to keep track of their passwords. They use memorable words or names, easy-to-type strings such as “12345678”, or even passwords they’ve used before. Because these habits are so commonly followed, they also are easy for bad actors to figure out. As a result, for the last four years, weak and stolen passwords were consistently the top hacking technique identified in the Verizon Data Breach Investigations Report.

Read More: The Future of OT Security Strategy in Critical Infrastructure

SpyCloud Active Directory Guardian now automatically prevents employees from setting risky passwords using a password filter. When an employee sets a new Active Directory password, the password filter automatically screens the choice for repeated or sequential characters, up to 30,000 entries in a custom dictionary, and billions of exposed passwords found in SpyCloud’s industry-leading database of recovered breach data.

“Despite repeated warnings, people still try to use common and weak passwords,” said Chris Hajdu, Product Manager at SpyCloud. “It’s a very human thing to do simply because we all have so many accounts and passwords to keep track of, but businesses can’t afford to let these habits put their networks at risk.”

Using Active Directory Guardian’s existing capabilities and the new password filter together, enterprises can enforce stronger passwords and reduce their risk of a data breach caused by weak or stolen credentials. The password filter ensures that employee accounts are protected with secure credentials from the moment a new password is created. As new breaches occur over time and compromise more credentials, Active Directory Guardian can make sure employee logins remain secure by detecting and resetting exposed passwords automatically.

Because the password filter runs on the domain controller, the password filter is designed to “fail open” to minimize any potential impact on business operations. In other words, if the password filter fails for any reason, it will allow users to create unchecked passwords rather than locking them out. Running scheduled or manual scans with Active Directory Guardian provides backup for skipped passwords that might otherwise slip through the cracks.

The password filter also reduces the time and resources required to align with NIST password guidelines, particularly the challenging guidance to check for and reset “commonly-used, expected, or compromised” passwords. While some NIST password guidelines can be satisfied using the built-in settings within directory services, identifying new data breaches and checking them against user passwords can be a labor-intensive process. Using the password filter, enterprises can block passwords NIST considers weak or compromised, drawing on SpyCloud’s ever-growing database of exposed passwords.

  • TAGS
  • Active Directory Guardian
  • fraud investigations solutions
  • SpyCloud
  • unique anti-fraud platform powering account
Previous articleIDX Announces Cybersecurity Healthcheck for Organizations in Conjunction with No-Cost Data Breach Services Agreement
Next articleCoalfire Federal Names Stuart Itkin to Lead CMMC Assurance Practice
ITsec Bureau
https://itsecuritywire.com/
The ITSecurityWire Bureau has well-trained writers and journalists, well versed in the B2B Information technology industry, and constantly in touch with industry leaders for the latest trends, opinions, and other inputs in cybersecurity to bring you the best and latest in the domain.

RELATED ARTICLESMORE FROM AUTHOR

Black Ink Tech and Incode Collaborate to Make Everywhere Identity a Reality

Black Ink Tech and Incode Collaborate to Make Everywhere Identity a Reality

Dig Security Discloses Vulnerability in GCP CloudSQL Service Exposing Provider and Customer Data, Remediates Issues

Dig Security Discloses Vulnerability in GCP CloudSQL Service Exposing Provider and Customer Data, Remediates Issues

130k+ Patients' Social Security Numbers Revealed in UHS of Delaware Data Breach

130k+ Patients’ Social Security Numbers Revealed in UHS of Delaware Data Breach

Latest posts

HawkEye 360 Increases Analytic Capabilities to Combat Illegal Fishing

June 10, 2021
Cyware

Cyware Expands Marketing Leadership in North America with Industry Veteran New Appointments

October 11, 2022
Exabeam

Exabeam Extends Security Management Platform with AWS, Google Cloud Platform and Microsoft Azure Cloud Storage...

October 31, 2020
VMware guardDog.ai

VMware & guardDog.ai Collaborates for Virtual Implementations at 2022 VMware Explore

August 9, 2022
Ntirety Announces Formation Of Ntirety Enterprise

Ntirety Announces Formation Of Ntirety Enterprise; Promotes John Faulkner To President

February 19, 2021


An invaluable resource for all your IT security initiatives and assets.

Knowledge sharing platform for all IT security needs and plans. Peer to peer conversations that leverage industry experts and leaders for ideas, opinions and business insights.

Media@ITSecurityWire.com
Sales@ITSecurityWire.com

Recent Posts

  • Major Massachusetts Health Insurer Attacked by Ransomware Attack, Member Data May Be Compromised
  • Black Ink Tech and Incode Collaborate to Make Everywhere Identity a Reality
  • Dig Security Discloses Vulnerability in GCP CloudSQL Service Exposing Provider and Customer Data, Remediates Issues
  • European Cybersecurity Firm Sekoia.io Announces $37.5 Million
  • Apria Healthcare Announcing 2 Million People of Years-Old Data Breaches

Visit Our Other Publication

Quick Links

  • About Us
  • News
  • Featured Articles
  • Featured Interview
  • Guest Post
  • Learning Center
  • Privacy Policy
  • Do Not Sell My Information
  • About Us
  • News
  • Featured Articles
  • Featured Interview
  • Guest Post
  • Learning Center
  • Privacy Policy
  • Do Not Sell My Information
An Imprint of OnDot ® Media © | All rights reserved | Privacy Policy