|
New release 3.0 - NOW available for download
Stronger Password Policy with a password filter
|
[Current version: 3.0.0.8170]
[Updated: 2008-06-19]
[Documentation wiki]
Now supporting Vista, 64-bit servers/clients and Windows Server 2008
|
Since passwords are the primary authentication method in Active Directory, strong password policies are essential. Specops Password Policy, SPP, is a password policy enforcer.
A severe disadvantage with the built in password policy is that there can only be one policy per domain affecting all the user accounts.
SPP overcomes this restriction by allowing you to specify multiple password policies.
SPP is based on Group Policy technology, which means that it can be configured in any number of group policies within Active Directory.
SPP offers granular password complexity requirements when specifying the rules for a password policy. One such rule is the ability to define lists containing words restricted for use in passwords.
SPP helps your organization to be password policy compliant.
Additional features include special behavior when administrators reset lost passwords. A password policy can be configured not to apply when the password is reset, as well as automatically
unlocking accounts and requiring the user to change the password at the next logon.
This lowers the burden for administrators when resetting lost passwords.
|
|
Password filter
SPP is a password filter (known as passfilt or passfilt.dll in NT 4) running on each DC and optionally there is client side dll to show
end user messages. The password filter needs to be on all domain controllers.
|
|
Password Policy & Active Directory
SPP snaps right in to the GPMC console.
The user interface is very consistent, clear and helpful. Context aware help is always available helping
you as you move along.
With SPP you will get a more secure Windows environment and become more password policy compliant.
|
|
Product reviews/articles
NEW Windows IT Pro 4.5 out of 5
"...if you’re contemplating adding a second domain because you have to have another password policy, then I recommend that you make your life easier and check out Specops Password Policy....
Pump up your Passwords
"...If you want to enforce better password management in Windows, Specops Password
Policy will get you there...
Danielle and Nelson Ruest - Redmond Magazine
Password Policy Done Right
"Password Policy is easy to install and easy to use. It provides much more granular control and doesn't have a long learning curve."
Don "BetaMan" Jones - Redmond Magazine
|
|
|
Features
 |
Set any combination of password restrictions: lower case, upper case, digits, special characters
|
|
Disallow user names in passwords, disallow words from word lists, etc
|
|
Minimum password length
|
|
Maximum password length
|
|
Extended password complexity
|
|
Password reset rules
|
|
Different password expiration rules,
commonly called password age, on each policy
|
|
<11 languages supported in the end user password change dialog.
|
|
Graphical Password Complexity meter
|
|
Password History
|
|
Dissallow consecutive characters in password
|
|
Dissallow incremental passwords
|
|
Disable account lockout
|
|
Automatically send password expiration e-mail
|
|
Group Policy delegated security model
|
|
Supports automation through Windows PowerShell or .NET
|
|
Support for 64-bit Domain Controllers
|
|
NEW in 3.0 Support for Windows 2008 Server
|
|
NEW in 3.0 Support for Remote Server Administration Tools (RSAT)
|
|
NEW in 3.0 Integration with Specops Password Reset
|
|
NEW in 3.0 Additional password policy requirements; Regular expressions; Disallow backward words in wordlist; Disallow digit as last character
|
|
NEW in 3.0 New password expiration warning e-mail settings; Configurable sender; Exclude password policy requirements
|
|
|
Password filter configuration
When setting Password Policy rules (configuring the password filter, passfilt), a number of
additional restrictions can be set, giving you exactly the password structure you require for
each part of your organization.
A well configured password filter will lead to a better password security policy and will make your organization
password policy compliant.
|
|
The Password filter in action
When end users attempt to change their passwords, they are clearly notified of the password filter rules that apply to them.
This feature eliminates most unnecessary calls to the help desk from users trying to understand the authentication security policy and restrictions.
Using SPP will strengthen your password security policy and will help making your Windows network password policy compliant.
|
)
)