Specops Secure Access strengthens security for Windows, RDP, and VPN logins

Specops Software has launched Specops Secure Access, a new capability that provides multi-factor authentication (MFA) to Windows logon, Remote Desktop Protocol (RDP), and VPN connections. This new innovation adds a layer of security to on-premises or hybrid Active Directory environments, strengthening protection against unauthorized access and credential-based attacks.

Password-based threats are on the rise. Specops Software’s 2025 Breached Password Report uncovered over a billion passwords stolen by malware over a 12-month period, while data by Microsoft revealed that 7,000 password attacks were blocked every second as it tracked more than 600 million identity-based attacks against organizations in 2024. Worryingly, 99.9% of breached accounts lacked multi-factor authentication, highlighting the current landscape of password security necessitates improved defenses against password-related threats and MFA.

Specops Secure Access tackles this issue by integrating MFA into the logon process, enabling organizations to safeguard both user passwords and authentication workflows, reinforcing overall cybersecurity without compromising ease of use. Specops Secure Access provides user-friendly MFA at key points where Active Directory passwords are used. With flexible options, it ensures secure authentication for logon, RDP, and VPN, whether users are online or offline.

Organizations that deploy Speops Secure Access will also meet compliance for a variety of industry standards including:

• National Institute of Standards and Technology (NIST) requires an MFA for AAL2/3 and access to any personal information in NIST SP 800-63B.
• Payment Card Industry Data Security Standard (PCI DSS) increased MFA requirements with PCI DSS 4.0, requiring MFA for all access (not just admin) into the cardholder data environment.
• Cyber Essentials requires organizations to implement MFA, where available, for all user access in v3.1.
• The Network and Information Systems Directive 2 (NIS2) requires MFA for access to network and information systems, prioritizing strong authentication methods to enhance cybersecurity and mitigate unauthorized access risks.

By using Specops Password Policy, continuous scanning against an up-to-date compromised password database enables organizations to block the use of weak passwords and check Active Directory passwords against a growing database of over 4 billion unique compromised passwords.

“With most compromised accounts lacking MFA, we know password protections alone are not enough to secure network access,” stated Darren James, Senior Product Manager with Specops Software.

“Today we are thrilled to share an offering that enhances the existing password protections we offer and something our customers have been asking for – MFA for Windows at logon, RDP and VPN, with Specops Secure Access,” James concluded.