Enzoic for Active Directory
Comply with NIST 800-63 with an easy-to-implement plugin that compares employee passwords against cracking dictionaries; exposed and commonly used passwords.
With cracking dictionaries and credentials exposed in data breaches, it is easy for hackers to launch brute force attacks.
Enzoic eliminates the need for periodic, forced password resets. It also enhances your password policies so they automatically restrict the selection of commonly-used, expected, or compromised passwords. All of this is accomplished without any passwords or hashes even leaving the secure AD environment.
How it works:
Enzoic’s simple plug-in uses a standard password filter object to create a new password policy that works anywhere that defers to Active Directory, including Azure AD and third-party password reset tools.
When a new password is being created, a partial hash is evaluated against Enzoic’s massive, continuously updated database. A list of candidate hashes is returned for a local comparison. No data is stored by Enzoic.
Enzoic will continue to monitor your domain to determine if new exposures affect your users, triggering immediate alerts.
How Enzoic for Active Directory Can Help
Harden new passwords
Enzoic enhances your password policies so they automatically restrict the selection of any password that was previously compromised, helping users avoid unsafe password according to NIST guidelines.
Reduce the attack window
As soon as Enzoic indexes a new breach or cracking dictionary, your organization is immediately protected. Our data is sourced from the public Internet and Dark Web and is updated continuously by proprietary automated processes and human threat intelligence.
Our services use a partial hash for your security. This allows you to check whether a given password is known to be compromised, without the exact password or hash leaving your environment.