Enzoic, a leading provider of compromised
credential screening solutions, announced updates to Enzoic for Active
Directory. The product is the only Active Directory plugin to check credentials
at installation and password creation, and continuously monitor for and detect
compromised credentials. The automated tool screens passwords against the
dynamic Enzoic database containing billions of exposed credentials. This helps
organizations prevent the use of compromised credentials, reducing the risk of
a successful account takeover.
With the growing threat from exposed credentials, NIST recommends
that companies identify and change compromised passwords. Due to the password reuse problem,
organizations need to prevent unsafe passwords from being activated.
With Enzoic, enterprises now have an automated screening tool that is easy for
IT administrators to deploy that prevents bad passwords and educates users on
why passwords have failed, strengthening their defenses against an array of
password attacks.
"Organizations
face a constant barrage of cyberattacks and desperately need a way to reduce
the risk of becoming a victim," said Michael Greene, CEO, Enzoic.
"Enterprises now have a comprehensive solution that is easy to use,
reducing the burden on the IT team and with zero friction for users. This helps
eradicate the risk of a network breach through Microsoft Active Directory, and
the subsequent impact on the business."
The
latest release of Enzoic for Active Directory raises the bar for compromised
credentials protection in corporate environments. With Enzoic's new initial
scan option, the organization's passwords can be comprehensively checked for
compromise immediately after installation. Users with compromised
passwords can then be optionally prompted for a reset at the next login.
Within just a few minutes, organizations can now identify and remediate any
weak or compromised passwords in their systems. After this initial check, user
passwords are then monitored continuously for future exposure in data breaches
or phishing attacks.
Another
new capability of the 3.0 release is Enzoic for Active Directory's Windows
client plugin. This plugin can be installed in Windows clients within the
organization in order to provide better feedback to users when a password
change is rejected due to a compromised password or other policy
requirement.
Feature
enhancements in the latest release of Enzoic for Active Directory:
- Initial Compromised
Passwords Scan:
After the initial install, administrators can optionally run a full scan on
their Active Directory to immediately identify any accounts using compromised
passwords. These accounts can then be optionally forced to reset their passwords.
- Windows
Client: Provides
better feedback to users who are changing their passwords from the built-in
Windows password change screen. The client displays a description of the
current policy a user's password must meet. If a user's password change
is rejected, due to the password being compromised for instance, they will now
receive an exact reason it was rejected to aid them in selecting a better
password.
- More Robust
Continuous Password Monitoring:
Checks user passwords on a daily basis to ensure they have not been exposed in
a new data breach. This feature is now simpler to deploy by eliminating the
requirement for an initial password reset.
For more on Enzoic for Active Directory, please
click here.