Authlogics Password Security Management
Password Security Management (PSM) is a comprehensive auditing, reporting, real-time monitoring and alerting suite designed to ensure that your passwords are safe, secure and comply with regulations. It protects against common identity-based attacks (e.g. phishing, keylogging, etc.) and reduces the password burden for users while also reducing helpdesk costs.
PSM is non-intrusive and quick to deploy and ensures that all users have a password which complies with NIST SP 800-63B policy guidelines. It validates password changes in real-time, and retrospectively, using a combination of granular policy controls, a rules engine, a custom blacklist and heuristics. It is also powered by the Authlogics Password Breach Database which contains over 2 billion previously compromised credentials to keep your Active Directory safe and compliant.
Password Security Management Components
Authlogics Password Security Management has been designed to assess existing password related weaknesses, report on the current threats and risks, automatically remediate the problem and provide ongoing real-time protection and alerting from new password breaches.
Password Breach Database
Ensuring that compromised usernames and passwords from an unrelated security breach are not used to gain access to corporate systems is a crucial part of meeting the NIST password guidelines. The Authlogics Password Breach Database consists of over 2 billion breached credentials, including over 520 million compromised clear text passwords, and is continually updated.
Public Breach Data Analysis
The Authlogics Password Security Portal provides an insightful view of the public breach data relevant to your organisation, constructed using AI and BI logic from multiple data breach sources. This allows you to view both organisation and user risk levels over time, as well as who may be sharing their corporate password on other websites. Email notifications about newly discovered breaches relevant to your company can also be sent.
Active Directory Password Auditing
Many corporate Active Directory databases have been in existence for decades and may contain very old and well-known passwords. Password Security Manager can perform a detailed Active Directory password audit of the existing directory data and provide a detailed per-user report including accounts with breached and shared passwords within and outside of the network.
Pre & Post Password Change Protection
Password Security Management is able to automatically raise alerts and remediate Active Directory user accounts which have breached or shared passwords by either forcing them to be changed at next logon or by disabling the account. When a new password is created, PSM uses a combination of a rules engine, custom blacklists, heuristic scanning and the Password Breach Database to ensure weak passwords are rejected. These rules are NIST compliant by default.
- Analyse the risk posed by publicly available breach data
- Username + password audit and reporting for Active Directory including breaches and public website sharing weaknesses
- Organisation and user level risk rating
- Real-time and retrospective scanning
- Protection from breached and shared passwords
- Automatic remediation of affected accounts
- Avoid complex and ever-changing password requirements
- Simplified password policy and reduced helpdesk costs
- Comply with NIST SP 800-63B, NCSC, CMMC, GDPR and other digital identity guidelines
- User self-service AD password reset via OTP with policy compliance UI
- Continuously updated database of over 2 billion breached credentials and 520 million clear text passwords
- Negate password dictionary and brute force attacks
- Granular AD Group Policy based password complexity controls
- Intelligent heuristics scanning
- Custom blacklists
- No desktop software required
How do breached passwords affect security?
Online systems containing user information, email addresses and plain-text passwords are constantly being breached, and phishing scams are all too common. Compound this with users’ propensity to share passwords and login details between work, social networks and other websites and you have a recipe for disaster. Given that over 80% of users tend to share passwords between websites, a breach of an Internet site could have a direct impact on your company’s internal systems. This fact has been recognised by NIST (National Institute of Standards and Technology), which specifically addresses the issue as part of the SP 800-63B guidance (June 2017) for setting passwords.
Critically, the new guidance emphasizes that any new passwords should not appear in any previous password breach. This ensures that the new password chosen cannot be determined from any compromised data used by increasingly sophisticated criminals and hackers. Password Security Management uses the Authlogics Password Breach Database which contains over 2 billion previously compromised credentials to ensure this isn’t the case.
Latest NIST SP 800-63B prescriptive password policy guidance highlights:
- Check against a database of previously breached passwords
- Minimum length of 8 characters, no maximum length
- No forced password expiration
- No more enforced composition rules
- No requirement for a mixture of uppercase, lowercase and special characters
- Anything goes, including emojis
The requirements for using Authlogics Password Security Management are:
- Installing the Authlogics Authentication Server, the requirements for which are as follows:
  - Windows Server 2019, 2016, 2012 R2 or 2012
  - Microsoft Active Directory
- Deploying the Domain Controller Agent