With 80% of breaches involving weak or compromised passwords and the top 10 common passwords still including ‘123456’, ‘password’, and ‘qwerty’, organizations need to strengthen & improve password hygiene. Breach costs will only rise, further emphasizing the importance of your first line of defense…the password.
Using a dictionary of 555 million known compromised passwords, along with complexity, character substitution, and testing tools, StealthINTERCEPT Enterprise Password Enforcer safeguards your organization from credential-based attacks. We can identify and prevent weak and compromised passwords from being used. We can even provide end user guidance on how to choose a strong(er) password.
80% of breaches still involving compromised and weak credentials
123456, password & qwerty remain top choices in 2019
The average cost of a United States data breach in 2019 is $8.19 Million
…it is recommended that passwords chosen by users be compared against a “black list” of unacceptable passwords. This list should include passwords from previous breach corpuses, dictionary words, and specific words (such as the name of the service itself) that users are likely to choose.
BUT THIS PASSWORD WAS STOLEN IN A PAST BREACH AND IS FOR SALE ON THE DARK WEB… 60+% REUSE THE SAME PASSWORD AMONG ACCOUNTS1… LEAVING YOU VULNERABLE!
The National Institute of Standards and Technology (NIST) recommends the restriction of “passwords obtained from previous breach corpuses” and other “commonly-used” or “expected” values for passwords. StealthINTERCEPT Enterprise Password Enforcer leverages the Have I Been Pwned breach dictionary of 555 bad/ compromised passwords.
It can be uber frustrating when user’s password choices get rejected with no guidance on why, often leading to rising helpdesk calls and costs. Password policy changes often have the same effect but at enterprise scale.
StealthINTERCEPT Enterprise Password Enforcer can now surface a clear definition of password policies and rejected password feedback to end users during the password change process. Showing users specifically what requirements they failed to meet is an immense help and reduces the need to call the helpdesk.
Users think they are clever when replacing an “s” with “$” or “a” with “@” within dictionary words that often pass standard password policy for complexity, but attackers know this and leverage the same technique to compromise/guess the password.
StealthINTERCEPT Enterprise Password Enforcer provides a substitution editor allowing administrators to modify or create permitted/not permitted custom character substitutions. We can also reduce the required effort to contemplate all variations of a password through character substitution. Administrators only need to specify character equivalents and the base word (e.g ‘Password’), Enterprise Password Enforcer does the rest.
Wasted time and user & administrator frustration is often caused when organizations change password policies. Most don’t know the impact until deployment. Some accept it as a necessary evil, we found a better way!
StealthINTERCEPT Enterprise Password Enforcer allows policy creators to test out any potential policy change without affecting users. We analyze the proposed policy against current environment passwords, reporting back which would fail and why. Get your policy right BEFORE engaging users.