Multiple password policies
A significant limitation with Windows Server 2000/2003 Active Directory domains is that only a single complexity rule can be applied across the entire domain, affecting all user accounts in the same way independent of their security risk factor. An improved Windows Server 2008/2012 Fine-Grained Password Policies allows you to configure multiple password policies in the same domain but its benefits remain limited and the configuration of it can be very labor-intensive.
Specops Password Policy overcomes this restriction by allowing you to specify multiple password policies based on rules you define. It is based on Group Policy technology, and can be configured in any number of group policies within the Active Directory. Specops Password Policy further extends the standard Windows password functionalities by offering numerous granular password complexity features to define the rules for a password policy. One example of this is the ability to define lists containing words restricted for use within passwords. It helps your organization to be password policy compliant.
The best part of Specops Password Policy is that we take the complexity out of configuring fine-grained password policies by offering a GUI to make all of your configurations. You can configuring a password policy for a user group in only a matter of seconds!
Additional features assist administrators in resetting lost passwords. Examples of this include, bypassing a policy once upon reset, automatically unlocking accounts, and requiring the user to change their password at next logon. These features help lower the burden on administrators when resetting lost passwords.
The Windows password policy solution in action
Users attempting to change their passwords receive clear notification of the password rules that apply to them. This feature eliminates most unnecessary calls to the help desk related to understanding the Windows password policy rules and restrictions.
Using Specops Password Policy will strengthen your overall security and ensure your Windows network meets constantly changing password compliancy standards.
Windows IT Pro
4.5 out of 5
"...if you’re contemplating adding a second domain because you have to have another password policy, then I recommend that you make your life easier and check out Specops Password Policy ..." Read more »
Redmond Magazine, Danielle and Nelson Ruest
Pump up your Passwords
"...If you want to enforce better password management in Windows, Specops Password Policy will get you there ..." Read the article in Redmond »
Redmond Magazine, Don "BetaMan" Jones
Password Policy Done Right
"Password Policy is easy to install and easy to use. It provides much more granular control and doesn't have a long learning curve." Read the article in Redmond »
Password Filter Technology
Specops Password Policy employs password filter technology running on each domain controller which enforces the password complexity rules. Optionally, a client side component provides an enhanced end user reset message that assists in meeting the specific complexity rules defined by your organization.
Password Policy & Active Directory
Specops Password Policy snaps directly in to the GPMC console. The user interface is consistent, clear, intuitive and context sensitive help is always available. It will provide a more secure and compliant Windows environment without the need to re-design your network or learn new technologies.
Password Filter Configuration
When creating password policy rules, a number of additional requirements and/or restrictions can be defined, providing exactly the level of password complexity required for each part of your organization.
A well configured password complexity solution not only provides better overall security, it also allows your organization to easily meet password related compliancy requirements in a quick and cost effective manner.
David Massaro, Coordinator of Technology Resources, Redlands Unified School District, USA:
“The Specops Password Policy / Specops Password Reset Software Solution met our needs. We solved the problems and delivered on our promise to comply with multiple complexity password policies for our higher risk staff user accounts and we also empowered these users to effectively manage their own password resets themselves”
“The third problem we solved was cutting down on the time our IT administrators spent on password management related and password reset issues. Since my System Admin is no longer spending valuable time addressing this issue, he has been able to focus on other more important aspects of our internal operations. By putting the onus on our users for password reset issues means the users now understand the enrolment process, they know how to access the secure web portal with their challenge question(s) process, and they have become aware of the specific password complexity requirements that has/have been assigned to them as part of a specific user group”
Study on password security
Password security is a growing pain as graphic cards and processors improve. Longer and more complex passwords is one of the solutions that Georgia Tech Research Institute acknowledges in their study of how enhanced computing power affects password security »