Authlogics Password Security Management
Password Security Management (PSM) is a comprehensive auditing, real-time protection and remediation suite designed to ensure that your passwords are safe, secure and comply with regulations. It protects against common identity-based attacks (e.g. phishing, keylogging etc.) and reduces the password burden for users. Helpdesk and lost productivity costs are further reduced via a One Time Code protected Self Service Portal which empowers users to securely manage their own account.
PSM goes beyond NIST SP 800-63B policy guidance by validating password changes in real time as well as retrospectively. It is non-intrusive and quick to deploy and includes a combination of granular policy controls, a rules engine, a custom blacklist and heuristics. PSM is powered by the Authlogics Password Breach Database which contains over 4 billion previously compromised credentials to keep your Active Directory safe and compliant.
- NEW: Password Expiry Meter – determine the validity of your passwords by their creation length.
- NEW: Monitor the period of inactivity for dormant accounts.
- Reduce the risk of a phishing, dictionary or brute force attack through real-time and retrospective protection from breached and shared passwords.
- Remove the password changing complexity burden imposed on users to reduce helpdesk costs and improve productivity.
- Audit for and comply with NIST SP 800-63B, NCSC, CMMC, GDPR and other digital identity guidelines.
- NEW: Automatic daily password audit reports, constant identification and immediate fix of breached passwords across all accounts including service accounts.
- NEW: Flexibility of using either traditional passwords or passphrases.
- Empower users to manage and reset their own AD password with real-time password policy compliance feedback and built-in One Time Code security protection.
- Rapidly respond when a weakness is found with automatic remediation of affected accounts.
- Stay protected with a continuously updated database of over 4 billion breached credentials and 1.2 billion clear text passwords.
How does Authlogics PSM compare?
- Password Policy Compliance with NIST SP800-63B
- Self-Service Portal with built-in 2nd factor OTP reset
- Shared password detection and protection
- Retroactive scanning and alerting of AD accounts
- Automatic Active Directory account remediation
Password Security Management Components
Authlogics Password Security Management has been designed to assess existing password related weaknesses, report on the current threats and risks, automatically remediate the problem and provide ongoing real-time protection and alerting from new password breaches.
Password Breach Database
Ensuring that compromised usernames and passwords from an unrelated security breach are not used to gain access to corporate systems is a crucial part of meeting the NIST password guidelines. The Authlogics Password Breach Database consists of over 4 billion breached credentials and is continually updated. The Authlogics Password Security Portal provides an insightful view of the public breach data relevant to your organisation constructed using AI and BI logic from multiple data breach sources.
Active Directory Password Auditing
Many corporate Active Directory databases have been in existence for decades and may contain very old and well-known passwords. Password Security Manager can perform a detailed Active Directory password audit of the existing directory data and provide a detailed per-user report including dormant accounts, accounts with breached passwords and passwords shared within and outside of the network.
Pre & Post Password Change Protection
Password Security Management can automatically raise alerts and remediate Active Directory user accounts which have breached or shared passwords by either forcing them to be changed at next logon or by disabling the account. When a new password is created, PSM uses a combination of a rules engine, custom blacklists, heuristic scanning and the Password Breach Database to ensure weak passwords are rejected. These rules are NIST compliant by default.
User Self Service Portal
The included Self Service Portal empowers users to manage their own account so that they can reset their own password and unlock their own account. This cuts helpdesk call volumes and costs while improving user productivity. The portal works on desktop and mobile devices and has built-in One Time Code protection for added security.
The requirements for using Authlogics Password Security Management are:
- Installing the Authlogics Authentication Server requires:
  - Windows Server 2019, 2016, 2012 R2 or 2012
  - Microsoft Active Directory
- Deploy the Domain Controller Agent
How do breached passwords affect security?
Online systems containing user information, email addresses and plain-text passwords are constantly being breached and phishing scams are all too common. Compound this with users' propensity to share passwords and login details between work, social networks and other websites and you have a recipe for disaster. Given that over 80% of users tend to share passwords between websites, a breach of an Internet site could have a direct impact on your company's internal systems. This fact has been recognised by NIST (National Institute of Standards and Technology), which specifically addresses the issue as part of the SP 800-63B guidance (June 2017) for setting passwords.
Critically, the new guidance emphasizes that any new passwords should not appear in any previous password breach. This ensures that the new password chosen cannot be determined from any compromised data used by increasingly sophisticated criminals and hackers. Password Security Management uses the Authlogics Password Breach Database which contains over 4 billion previously compromised credentials to ensure this isn’t the case.
Latest NIST SP 800-63B prescriptive password policy guidance highlights:
- Check against a database of previously breached passwords
- Minimum length of 8 characters, no maximum length
- No forced password expiration
- No more enforced composition rules
- No requirement for a mixture of uppercase, lowercase and special characters
- Anything goes, including emojis
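The highlights above can be expressed as a password-change check. The following is an added example, not Authlogics code: the function names, the four-entry breach list and the blacklist term are constructed for illustration, and Unicode normalization (NFKC) with length counted in code points follows SP 800-63B rather than anything stated on this page.

```python
import hashlib
import unicodedata

MIN_LENGTH = 8  # minimum from the list above; no maximum is enforced

# Constructed stand-in for a breach corpus (a real one holds billions of entries).
_SAMPLE_BREACHED = ["password", "Password1!", "qwerty123", "letmein2017"]
# Hypothetical organisation-specific blacklist term.
CUSTOM_BLACKLIST = ("examplecorp",)


def _digest(password: str) -> str:
    """Normalize, then hash. SHA-1 is only a lookup key here, never a storage hash."""
    normalized = unicodedata.normalize("NFKC", password)
    return hashlib.sha1(normalized.encode("utf-8")).hexdigest()


BREACHED_DIGESTS = frozenset(_digest(p) for p in _SAMPLE_BREACHED)


def check_new_password(candidate, breached=BREACHED_DIGESTS,
                       blacklist=CUSTOM_BLACKLIST):
    """Return a list of rejection reasons; an empty list means accepted.

    There are deliberately no composition rules: spaces, single-case
    passphrases and emoji are all accepted if the other checks pass.
    """
    reasons = []
    normalized = unicodedata.normalize("NFKC", candidate)
    # len() on a Python str counts Unicode code points, so one emoji counts as one.
    if len(normalized) < MIN_LENGTH:
        reasons.append("too_short")
    # Look-alike forms (e.g. fullwidth letters) normalize to the breached value.
    if _digest(candidate) in breached:
        reasons.append("breached")
    folded = normalized.casefold()
    if any(term in folded for term in blacklist):
        reasons.append("blacklisted_term")
    return reasons


if __name__ == "__main__":
    for pw in ["Password1!", "correct horse battery staple", "short"]:
        print(repr(pw), check_new_password(pw) or "accepted")
```

Note that `Password1!` would satisfy a traditional composition policy yet is rejected here, while a long all-lowercase passphrase is accepted.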