Enzoic for Active Directory updates help orgs prevent use of compromised credentials
Enzoic announced updates to Enzoic for Active Directory. The product is the only Active Directory plugin to check credentials at installation and password creation, and continuously monitor for and detect compromised credentials.
The automated tool screens passwords against the dynamic Enzoic database containing billions of exposed credentials. This helps organizations prevent the use of compromised credentials, reducing the risk of a successful account takeover.
With the growing threat from exposed credentials, NIST recommends that companies identify and change compromised passwords. Due to the password reuse problem, organizations need to prevent unsafe passwords from being activated.
With Enzoic, enterprises now have an automated screening tool that is easy for IT administrators to deploy that prevents bad passwords and educates users on why passwords have failed, strengthening their defenses against an array of password attacks.
“Organizations face a constant barrage of cyberattacks and desperately need a way to reduce the risk of becoming a victim,” said Michael Greene, CEO, Enzoic.
“Enterprises now have a comprehensive solution that is easy to use, reducing the burden on the IT team and with zero friction for users. This helps eradicate the risk of a network breach through Microsoft Active Directory, and the subsequent impact on the business.”
The latest release of Enzoic for Active Directory raises the bar for compromised credentials protection in corporate environments. With Enzoic’s new initial scan option, the organization’s passwords can be comprehensively checked for compromise immediately after installation.
Users with compromised passwords can then be optionally prompted for a reset at the next login. Within just a few minutes, organizations can now identify and remediate any weak or compromised passwords in their systems.
After this initial check, user passwords are then monitored continuously for future exposure in data breaches or phishing attacks.
Another new capability of the 3.0 release is Enzoic for Active Directory’s Windows client plugin. This plugin can be installed in Windows clients within the organization in order to provide better feedback to users when a password change is rejected due to a compromised password or other policy requirement.
Feature enhancements in the latest release of Enzoic for Active Directory:
- Initial compromised passwords scan: After the initial install, administrators can optionally run a full scan on their Active Directory to immediately identify any accounts using compromised passwords. These accounts can then be optionally forced to reset their passwords.
- Windows client: Provides better feedback to users who are changing their passwords from the built-in Windows password change screen. The client displays a description of the current policy a user’s password must meet. If a user’s password change is rejected, due to the password being compromised for instance, they will now receive an exact reason it was rejected to aid them in selecting a better password.
- More robust continuous password monitoring: Checks user passwords on a daily basis to ensure they have not been exposed in a new data breach. This feature is now simpler to deploy by eliminating the requirement for an initial password reset.