Since passwords are the primary authentication method in Active Directory, strong password policies are essential. Specops Password Policy, SPP, is a password policy enforcer.
A severe disadvantage with the built in password policy is that there can only be one policy per domain affecting all the user accounts.
SPP overcomes this restriction by allowing you to specify multiple password policies.
SPP is based on Group Policy technology, which means that it can be configured in any number of group policies within Active Directory.
SPP offers granular password complexity requirements when specifying the rules for a password policy. One such rule is the ability to define lists containing words restricted for use in passwords.
SPP helps your organization to be password policy compliant.
Additional features include special behavior when administrators reset lost passwords. A password policy can be configured not to apply when the password is reset, as well as automatically
unlocking accounts and requiring the user to change the password at the next logon.
This lowers the burden for administrators when resetting lost passwords.
|
|
Features
 |
Set any combination of password restrictions: lower case, upper case, digits, special characters
|
|
Disallow user names in passwords, disallow words from word lists, etc
|
|
Minimum password length
|
|
Maximum password length
|
|
Extended password complexity
|
|
Password reset rules
|
|
Different password expiration rules,
commonly called password age, on each policy
|
|
NEW in 2.0 11 languages supported in the end user password change dialog.
|
|
NEW in 2.0 Graphical Password Complexity meter
|
|
NEW in 2.0 Password History
|
|
NEW in 2.0 Dissallow consecutive characters in password
|
|
NEW in 2.0 Dissallow incremental passwords
|
|
NEW in 2.0 Disable account lockout
|
|
NEW in 2.0 Automatically send password expiration e-mail
|
|
NEW in 2.0 Group Policy delegated security model
|
|
NEW in 2.0 Supports automation through Windows PowerShell or .NET
|
|
NEW in 2.0 Support for 64-bit Domain Controllers
|
|
|
Password filter configuration
When setting Password Policy rules (configuring the password filter, passfilt), a number of
additional restrictions can be set, giving you exactly the password structure you require for
each part of your organization.
A well configured password filter will lead to a better password security policy and will make your organization
password policy compliant.
|
|
The Password filter in action
When end users attempt to change their passwords, they are clearly notified of the password filter rules that apply to them.
This feature eliminates most unnecessary calls to the help desk from users trying to understand the authentication security policy and restrictions.
Using SPP will strengthen your password security policy and will help making your Windows network password policy compliant.
|
)
)
)