Block over two billion known breached passwords from your AD with Specops Password Policy tools

Block over 2 billion known breached passwords from your AD with Specops Password Policy tools

Graham Cluley Security News is sponsored this week by the folks at Specops. Thanks to the great team there for their support!

With the help of live attack data from our own honeypots, Specops Software’s Breached Password Protection can now detect over 2 billion known breached passwords in your Active Directory.

Using our database, you can block commonly used and/or compromised passwords, to prevent users from creating passwords susceptible to dictionary attacks. During a password change in Active Directory, the password check rejects any passwords found in the database with dynamic feedback for end-users. Plus, create a custom dictionary list to block words relevant to your organization, including company name, location, services, and relevant acronyms.

Create Compliant Password Policies

Simplify passwords for users and place the burden on authentication systems instead of your IT department with Specops Password Policy tools. It has never been easier to comply with regulatory password recommendations from NIST, CMMC, NCSC, HITRUST, PCI and more. With compliance driven templates, and a reporting tool to ensure they match or exceed standards, Password Policy makes compliance a breeze.

Measuring your policies against industry recommendations can help safeguard your organization against common password-related attacks, including brute-force, rainbow table, and dictionary attacks.

Target Password Entropy

Specops Password Policy enforces password length and complexity while blocking common character types at the beginning/end of passwords, as well as consecutively repeated characters. To help users create stronger passwords they can actually remember, the solution also supports passphrases.

You can test out Specops Password Policy tools in your AD for free, just get in touch here.


If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about cybersecurity, you can find more information here.