Enzoic has launched a new version of Enzoic for Active Directory that includes support for real-time password monitoring to fight against the use of compromised passwords.
Enzoic for Active Directory screens users' passwords against its continuously updated database of compromised credentials, including billions of unique username and password combinations, according to the vendor.
Microsoft Azure Active Directory manages permissions and access to networked resources, making it a target for hackers to gain unauthorized access to user accounts, according to Enzoic. Verizon's Data Breach Investigations Report found 29% of security breaches involved stolen credentials.
Enzoic for Active Directory 2.0 brings Continuous Password Protection that triggers an alert if a password becomes vulnerable, enabling Active Directory administrators to enforce password changes in response to real-time credential exposures, not just against a static list of exposed credentials or with periodic password resets.
Once a password is flagged as vulnerable, Enzoic notifies users and automates follow-up action, from prompting a user to change it to disabling the account according to an organization's policies.
Enzoic for Active Directory 2.0 meets the National Institute of Standards and Technology 800-63B requirements with the following functions:
- password screening against lists of commonly used passwords, passwords in cracking dictionaries and compromised passwords;
- password checks upon password creation, as well as on a daily basis against a live database;
- immediate response trigger when a compromised password is detected; and
- elimination of periodic password resets due to continuous password monitoring.
According to a OneLogin study, only 35% of organizations' password creation requirements check against common password lists, despite 92% of organizations claiming their current password guidelines are adequate. Furthermore, common passwords only represent a small portion of vulnerable passwords, with many password-related incidents stemming from cracking dictionaries used by hackers.
Many security vendors such as SolarWinds, Specops and nFront Security offer password complexity plugins for Active Directory, but do not offer around-the-clock monitoring. Enzoic claimed its continuous monitoring updates enhance overall enterprise security.