Specops Password Policy
Get serious about password security! Enforce compliance requirements, block leaked passwords, and help users create stronger passwords in Active Directory. Specops Password Policy extends the functionality of Group Policy, and simplifies the management of fine-grained password policies. The solution can target any GPO level, group, user, or computer with dictionary and passphrase settings.
Block weak passwords
Need a comprehensive list of vulnerable passwords to prevent dictionary attacks? Our password policy tool gives you many options. You can use a password dictionary, a file containing commonly used and/or compromised passwords, to prevent users from creating passwords susceptible to dictionary attacks. During a password change in Active Directory, the password check rejects any passwords found in the dictionary. With the Breached Password Protection add-on, you can even check against the latest leaked lists, including more than 2 billion leaked passwords
Create compliant password policies
Simplify passwords for users, and place the burden on authentication systems. It has never been easier to comply with regulatory password recommendations from NIST and NCSC. With compliance driven templates, and a reporting tool to ensure they match or exceed the standards of NIST, SANS, and PCI, Specops Password Policy makes compliance a breeze.
Target password entropy
Specops Password Policy enforces password length and complexity while blocking common character types at the beginning/end of passwords, as well as consecutively repeated characters. To help users create stronger passwords they can actually remember, the solution supports passphrases.
- Custom and leaked password dictionary lists and password hash dictionaries
- Breached Password Protection including more than 2 billion leaked passwords
- Find and remove leaked passwords in your environment
- Block the use of character substitutions (leetspeak) and keyboard patterns (including European keyboard patterns)
- Informative client messages when a user fails to meet password policy rules
- Length-based password expiration with email notifications
- Block user names, display names, specific words, consecutive characters, incremental passwords, and reusing a part of the current password
- Passphrase support
- Over 20 languages supported including English, French, Spanish, Russian and Chinese
- Use Regular Expressions to further customize requirements