StealthINTERCEPT Enterprise Password Enforcer

Password policy enforcement for Windows Active Directory providing password protection on-premises and in hybrid environments.

Request a Free Trial

Powered by ChronoForms - ChronoEngine.com

Why StealthINTERCEPT Enterprise Password Enforcer?

With 80% of breaches involving weak or compromised passwords and the top 10 common passwords still including ‘123456’, ‘password’, and ‘qwerty’, organizations need to strengthen & improve password hygiene. Breach costs will only rise, further emphasizing the importance of your first line of defense…the password.

Using a dictionary of 555 million known compromised passwords, along with complexity, character substitution, and testing tools, StealthINTERCEPT Enterprise Password Enforcer safeguards your organization from credential-based attacks. We can identify and prevent weak and compromised passwords from being used. We can even provide end user guidance on how to choose a strong(er) password.

80%

80% of breaches still involving compromised and weak credentials

80% of breaches still involving compromised and weak credentials

https://enterprise.verizon.com/resources/
reports/2019-data-breach-investigations-report.pdf

Weak Passwords

123456, password & qwerty remain top choices in 2019

123456, password & qwerty remain top choices in 2019

https://www.technotification.com/2019/04/
ncsc-worlds-most-hacked-passwords.html/

$8.19 MILLION

The average cost of a United States data breach in 2019 is $8.19 Million

The average cost of a United States data breach in 2019 is $8.19 Million

https://www.ibm.com/security/data-breach

Key Features

Tell Users Why Password Fails

We reduce helpdesk calls by showing users why proposed passwords fail what needs to change to adhere to policy

Enhanced Password Complexity

Provide administrators more granular control of password requirements to ensure proper compatibility with all of an enterprise’s resources

Password Policy Testing Tool

Before implementing new or modified rules, it’s advantageous to know where issues will arise

Control Character Substitutions

Attackers can just as easily replace an “S” with a “$”, or an “A” with the “@”. Gain control of your passwords and all possible variations

Breached Password Dictionary

We integrate with a repository of millions of known bad passwords, HIBP, so users don’t unknowingly try and use these vulnerable passwords

Integrate with your SIEM

Send alerts and triangulate risk signals for a more complete risk & attack posture for your organization

Comply with National Institute of Standards and Technology Password Guidelines

…it is recommended that passwords chosen by users be compared against a “black list” of unacceptable passwords. This list should include passwords from previous breach corpuses, dictionary words, and specific words (such as the name of the service itself) that users are likely to choose.

Scenario 1

Improve Passwords - Check Them Against 555 Million Known Bad Ones

BUT THIS PASSWORD WAS STOLEN IN A PAST BREACH AND IS FOR SALE ON THE DARK WEB… 60+% REUSE THE SAME PASSWORD AMONG ACCOUNTS1… LEAVING YOU VULNERABLE!

The National Institute of Standards and Technology (NIST) recommends the restriction of “passwords obtained from previous breach corpuses” and other “commonly-used” or “expected” values for passwords. StealthINTERCEPT Enterprise Password Enforcer leverages the Have I Been Pwned breach dictionary of 555 bad/ compromised passwords.

https://www.darkreading.com/informationweek-home/password-reuse-abounds-new-survey-shows/d/d-id/1331689

Improve Passwords - Check Them Against 555 Million Known Bad Ones
Save Your Helpdesk – Show Users Why Password Choice Fails

Scenario 2

Save Your Helpdesk – Show Users Why Password Choice Fails

It can be uber frustrating when user’s password choices get rejected with no guidance on why, often leading to rising helpdesk calls and costs. Password policy changes often have the same effect but at enterprise scale.

StealthINTERCEPT Enterprise Password Enforcer can now surface a clear definition of password policies and rejected password feedback to end users during the password change process. Showing users specifically what requirements they failed to meet is an immense help and reduces the need to call the helpdesk.

Scenario 3

Strengthen Passwords – Allow/Disallow Particular Character Substitutions

Users think they are clever when replacing an “s” with “$” or “a” with “@” within dictionary words that often pass standard password policy for complexity, but attackers know this and leverage the same technique to compromise/guess the password.

StealthINTERCEPT Enterprise Password Enforcer provides a substitution editor allowing administrators to modify or create permitted/not permitted custom character substitutions. We can also reduce the required effort to contemplate all variations of a password through character substitution. Administrators only need to specify character equivalents and the base word (e.g ‘Password’), Enterprise Password Enforcer does the rest.

Strengthen Passwords – Allow/Disallow Particular Character Substitutions
Save Time – Know the Affects of a Password Policy Change BEFORE Deployment

Scenario 4

Save Time – Know the Affects of a Password Policy Change BEFORE Deployment

Wasted time and user & administrator frustration is often caused when organizations change password policies. Most don’t know the impact until deployment. Some accept it as a necessary evil, we found a better way!

StealthINTERCEPT Enterprise Password Enforcer allows policy creators to test out any potential policy change without affecting users. We analyze the proposed policy against current environment passwords, reporting back which would fail and why. Get your policy right BEFORE engaging users.

Resources

StealthINTERCEPT Enterprise Password Enforcer

Data Sheet

Learn More

Are Weak Passwords Putting You At Risk?

Solution Brief

Learn More

Free Risk Assessment
Free Trial Request
STEALTHbits Demo Request
Browse Resource Library

New Template - Custom CSS

Free Risk Analysis Stealthbits' Credentials and Data Security Assessment is your Business-Justification-in-a-Box!x