5 surprising ways hackers can get hold of your password

Azure AD & Active Directory Password Policy Manager

Keep hackers at bay with meticulous password policies that go far beyond the standard Active Directory controls.

Your network’s Active Directory is undoubtedly a valuable resource for your network – but imagine how useful it could be to a cybercriminal.

Hackers often try to hijack even the most entry-level Active Directory (AD) accounts to probe networks for more devastating ways to attack. Therefore, strong password policies are your first line of defence against AD account hacks.

Though AD includes some password policy controls out-of-the-box, our Password Policy Management tool extends the functionality of Active Directory’s Group Policy and works with both on-premise AD and Azure AD.

Our tool augments and simplifies the management of “fine-grained” password policies; provides essential policy management; automatically rejects weak passwords; gives actionable, real-time user feedback on creating strong passwords; and helps you comply with NCSC, NIST, and ANSSI password recommendations. In short, it makes implementing optimal AD passwords a breeze.

Book a Consultation

Password Policy Manager: Key Features

  • Investigating Cyber Incidents

    Uncover weak passwords currently being used in your AD

    Audit your entire Group Policy to root out easily breachable passwords that are in use right now.

  • Increased Productivity with DNS

    Augment AD password policies to reject lazy password changes

    Automatically disallow password reuse and lazy changes, like simply putting a number at the end of an old password.

  • Cyber Reconnaissance

    Give users dynamic feedback when changing passwords

    Provide automated, real-time feedback to users at the point of password change, helping them achieve optimal password length and complexity.

  • Access Control with Cyber Essentials

    Create a custom dictionary of disallowed words

    Instantly block passwords that contain terms relating to your organisation that a hacker might second-guess, such as locations, products, local sports teams, etc.

  • Security

    Reward users for longer, more complex passwords

    Automatically set passwords to expire depending on length, so users with consistently longer passwords don’t need to renew as often.

  • Stopping Attacks with Cyber Incidents

    Automatically reject over 3 billion previously compromised passwords

    With the Breached Password Protection add-on, you can automatically block users from using passwords contained in known breach lists.

Book a Consultation
Password Policy Manager

Why Enhance Your Password Policy?

Every single AD login is a potential entry point into your network. Therefore, creating strong passwords for every login is your optimal first line of defence. Even the most basic audit provided by our policy tool can uncover simple ways for individual users to tighten up their existing passwords.

You can train your team in proper password etiquette, of course – but this doesn’t automatically result in users picking better passwords in practice. Our Policy Manager enforces a certain level of password complexity; both by actively disallowing insecure password themes and formats, and by providing real-time feedback around creating strong, memorable passwords

Password Policies

Why You Shouldn't Rely on your Active Directory

Active Directory does provide some “fine-grained” policy controls, but its phrase-blocking is limited, user feedback is minimal, and it certainly can’t refer to breach databases to reject known, breached passwords.

Our Password Policy Manager augments Active Directory’s password management capabilities to provide much more granular control. It even makes light work of managing multiple different password policies for different user groups. And what’s more, our tool helps you to comply with regulatory password recommendations from the likes of NCSC, NIST, ANSSI, PCI and many others.

How Our Password Policy Manager Works

Our tool, SpecOps Password Policy, simply hooks into your Active Directory Group Policy functionality in order to simplify AD password management. There are three options to choose from…

  • Option 1: Audit

    The first is as a simple, one-time audit that identifies weak passwords currently in use across your whole Active Directory Group Policy – useful, but not valuable on an ongoing basis.

  • Option 2: Management

    The second, much more valuable option is for SpecOps Password Policy to completely manage your AD password policies. This includes much of the functionality described above – rejecting reused passwords, providing users with dynamic feedback, length-based password expiry, and the ability to maintain a disallowed term dictionary.

  • Option 3: Dark Web Monitoring

    The third tier is the most powerful, ideal solution: an optional add-on to option 2 that allows SpecOps Password Policy to scour dark web breach databases and automatically disallow the use of passwords present in existing breaches.

Join Just Cyber Security

Join the growing list of businesses that trust us with their cyber security