{"id":573,"date":"2014-03-27T00:00:00","date_gmt":"2014-03-27T00:00:00","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/2014\/03\/27\/3-tools-for-enforcing-password-policies\/"},"modified":"2021-01-28T16:17:43","modified_gmt":"2021-01-28T16:17:43","slug":"tools-for-enforcing-password-policies","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/","title":{"rendered":"3 Tools for Enforcing Password Policies"},"content":{"rendered":"<div id=\"article-content\">\n<div id=\"article-ads\">\n<div class=\"hidden-xs\">\n<div id=\"daily-newsletter\" class=\"row\">\n<div class=\"text-center\">\n<div class=\"col-md-6 col-md-offset-3\">\n<div id=\"namecard-input-groupwz\" class=\"input-group\">\n<span class=\"input-group-btn\"><\/p>\n<p><\/span><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div><\/div>\n<p>Recent corporate security breaches have taught us something important: The average computer user is spectacularly bad at choosing good passwords.<\/p>\n<p>The <a href=\"https:\/\/www.eweek.com\/blogs\/first-read\/123456-overtakes-password-as-weakest-password\">most popular passwords<\/a> turn out to be simple, easy-to-remember ones, like &#8220;password,&#8221; &#8220;123456,&#8221; &#8220;monkey&#8221; and &#8220;iloveyou,&#8221; all of which provide little security. If you can remember your password, then it is probably not secure.<\/p>\n<p>Experts agree secure passwords should be 11 characters or more and made up of random characters drawn from a pool of upper and lower case letters, as well as numbers and special characters like &#8220;%&#8221; and &#8220;&gt;.&#8221; To understand why, consider this: Here&#8217;s <a href=\"https:\/\/www.grc.com\/haystack.htm\">how long it might take<\/a> a hacker to guess a password, using a computer that can make one hundred billion guesses per second:<\/p>\n<ul>\n<li>A password made up of six random lower case letters: a fraction of a second<\/li>\n<li>A password made up of 11 random lower case letters: 11 hours<\/li>\n<li>A password made up of 11 random lower and upper case letters: two-and-a-half years<\/li>\n<li>A password made up of 11 random lower and upper case letters, numbers and special characters: 500 years<\/li>\n<\/ul>\n<p>So how do you ensure that your users choose secure passwords? While <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-offer-security-awareness-training-that-works\/\">user education is helpful<\/a>, corporate security is too important to rely on that alone. In a tradeoff between security vs. convenience, many users will choose a short, easy-to-remember password like 123456 even if they know that it is insecure.<\/p>\n<h2>Password Policy Tools<\/h2>\n<p>When it comes to Widows and Active Directory, Windows gives administrators the power to impose certain password policies on users when they choose a password. The policies are fairly basic, however. You can specify a minimum length, expiration period and limits on using previous passwords, but not much else.<\/p>\n<p>One solution is to use a third party product such as <a href=\"https:\/\/anixis.com\/products\/ppe\/\">Anixis Password Policy Enforcer<\/a> or<a href=\"http:\/\/nfrontsecurity.com\/products\/nfront-password-filter\/\"> nFront Password Filter<\/a> , which integrates with Active Directory to provide far more granular password policies.<\/p>\n<p>These sorts of password policy enforcement tools can allow administrators to impose rules such as:<\/p>\n<ul>\n<li><strong>Complexity<\/strong>. Requires passwords to contain characters from a variety of character sets (such as digits, upper case characters and so on). The required number and selection of character sets are usually configurable.<\/li>\n<li><strong>Contained in a dictionary<\/strong>. Passwords must not be vulnerable to attack with a dictionary or hybrid cracking algorithm. The tools should be sophisticated enough to detect partial matches, character substitution and character reversal.<\/li>\n<li><strong>Keyboard pattern<\/strong>. This prohibits passwords with keyboard patterns such as &#8220;qwerty&#8221; or &#8220;asdfasdf.&#8221;<\/li>\n<li><strong>Repeating patterns<\/strong>. This disallows passwords with repeated characters, such as &#8220;aaaabbbb&#8221; or repeated patterns such as &#8220;monkeymonkey.&#8221;<\/li>\n<li><strong>Similarity<\/strong>. This detects when a user is choosing passwords with an obvious sequence, like &#8220;password1&#8221; or &#8220;password2&#8221; each time the password is changed.<\/li>\n<\/ul>\n<p>Many of these products also supply an optional client program which runs on users&#8217; computers and helps them choose a compliant password by displaying the password policy requirements.<\/p>\n<p>What happens, though, when users log on to cloud-based applications such as Box, Office365 or Salesforce.com? What&#8217;s to stop a user from choosing an insecure password when they are free of the policy controls that stem from Active Directory?<\/p>\n<h2>Cloud-Based Single Sign-On Tools<\/h2>\n<p>One solution is to use a cloud-based <a href=\"https:\/\/www.webopedia.com\/TERM\/S\/single_signon.html\">single sign-on<\/a> service. What services like <a href=\"http:\/\/www.onelogin.com\/\">OneLogin<\/a>, <a href=\"https:\/\/www.symplified.com\/\">Symplified <\/a>and <a href=\"https:\/\/www.okta.com\/\">Okta<\/a> do is become the authentication provider for a cloud application like Salesforce.com. The cloud single sign-on service then links to Active Directory. From that point on, users can log in to the cloud application using their Active Directory username and password &#8211; the security of which is governed by whatever password policies are imposed on Active Directory passwords.<\/p>\n<p>These services also allow companies to subscribe to a cloud service and enable multiple users to access it. This is done by tying each user&#8217;s Active Directory logon to the corporate username and password for the service. This offers the added benefit of keeping individual users from knowing the underlying username and password. That means they can never divulge it to a third party, and if they leave the company their access to the cloud service is terminated as soon as their Active Directory account is deleted.<\/p>\n<h2>Enterprise Password Managers<\/h2>\n<p>Since secure passwords are practically impossible to remember, the use of a password manager such as <a href=\"https:\/\/www.lastpass.com\/\">Lastpass Enterprise <\/a>or <a href=\"https:\/\/www.roboform.com\/\">Roboform Enterprise <\/a>can make secure passwords much easier for staff to handle. Essentially a password manager stores passwords and enters them automatically when required. But they will only do so when a master password has been entered by the user to activate the password manager. That means users must only remember one password &#8211; their master password &#8211; rather than a number of individual passwords.<\/p>\n<p>The master password can be recovered by an administrator in the event that a user forgets it. Additional security can be added by requiring <a href=\"https:\/\/en.wikipedia.org\/wiki\/Multi-factor_authentication\">two factor authentication<\/a> to unlock the password manager, such as a <a href=\"https:\/\/www.yubico.com\/\">Yubico <\/a>authenticator or a <a href=\"https:\/\/www.toopher.com\/\">Toopher <\/a>location-based authenticator.<\/p>\n<p>Products like Lastpass Enterprise and Roboform Enterprise generate secure passwords for each new service that requires one, and can impose password policies on these passwords (and the master password) either via a system administrator console, or by using Active Directory password policies.<\/p>\n<p><em>Paul Rubens has been covering enterprise technology for over 20 years. In that time he has written for leading UK and international publications including The Economist, The Times, Financial Times, the BBC, Computing and ServerWatch.<\/em><\/p>\n<\/div>\n\n\n<div id=\"ta-campaign-widget-66d6fd5c54359-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6fd5c54359\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6fd5c54359\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6fd5c54359\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6fd5c54359\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6fd5c54359\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6fd5c54359\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Recent corporate security breaches have taught us something important: The average computer user is spectacularly bad at choosing good passwords. The most popular passwords turn out to be simple, easy-to-remember ones, like &#8220;password,&#8221; &#8220;123456,&#8221; &#8220;monkey&#8221; and &#8220;iloveyou,&#8221; all of which provide little security. If you can remember your password, then it is probably not secure. [&hellip;]<\/p>\n","protected":false},"author":226,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14],"tags":[4766,14793,3414,2579,3388],"b2b_audience":[33],"b2b_industry":[],"b2b_product":[377,375],"class_list":["post-573","post","type-post","status-publish","format-standard","hentry","category-networks","tag-active-directory","tag-lastpass","tag-network-security","tag-password","tag-single-sign-on","b2b_audience-awareness-and-consideration","b2b_product-gateway-and-network-security","b2b_product-security-management"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>3 Tools for Enforcing Password Policies | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"3 Tools for Enforcing Password Policies | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2014-03-27T00:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-01-28T16:17:43+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/eSecurity_redesign_badgecolor.png\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Paul Rubens\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Paul Rubens\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\"},\"author\":{\"name\":\"Paul Rubens\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c\"},\"headline\":\"3 Tools for Enforcing Password Policies\",\"datePublished\":\"2014-03-27T00:00:00+00:00\",\"dateModified\":\"2021-01-28T16:17:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\"},\"wordCount\":886,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"keywords\":[\"active-directory\",\"LastPass\",\"network security\",\"password\",\"single sign-on\"],\"articleSection\":[\"Networks\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\",\"name\":\"3 Tools for Enforcing Password Policies | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"datePublished\":\"2014-03-27T00:00:00+00:00\",\"dateModified\":\"2021-01-28T16:17:43+00:00\",\"description\":\"User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"3 Tools for Enforcing Password Policies\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c\",\"name\":\"Paul Rubens\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg\",\"caption\":\"Paul Rubens\"},\"description\":\"Paul Rubens is a technology journalist based in England, and is an eSecurity Planet contributor.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/paul-rubens-esp\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"3 Tools for Enforcing Password Policies | eSecurity Planet","description":"User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/","og_locale":"en_US","og_type":"article","og_title":"3 Tools for Enforcing Password Policies | eSecurity Planet","og_description":"User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?","og_url":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/","og_site_name":"eSecurity Planet","article_published_time":"2014-03-27T00:00:00+00:00","article_modified_time":"2021-01-28T16:17:43+00:00","og_image":[{"width":600,"height":600,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/eSecurity_redesign_badgecolor.png","type":"image\/png"}],"author":"Paul Rubens","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Paul Rubens","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/"},"author":{"name":"Paul Rubens","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c"},"headline":"3 Tools for Enforcing Password Policies","datePublished":"2014-03-27T00:00:00+00:00","dateModified":"2021-01-28T16:17:43+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/"},"wordCount":886,"commentCount":0,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"keywords":["active-directory","LastPass","network security","password","single sign-on"],"articleSection":["Networks"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/","url":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/","name":"3 Tools for Enforcing Password Policies | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"datePublished":"2014-03-27T00:00:00+00:00","dateModified":"2021-01-28T16:17:43+00:00","description":"User passwords are often a weak link in the corporate security chain. How can security pros make users adhere to strong password policies?","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/networks\/tools-for-enforcing-password-policies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"3 Tools for Enforcing Password Policies"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/98ff3e45922f3d3cc322e48f2036768c","name":"Paul Rubens","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/12\/Paul_head_An_400x400-150x150.jpg","caption":"Paul Rubens"},"description":"Paul Rubens is a technology journalist based in England, and is an eSecurity Planet contributor.","url":"https:\/\/www.esecurityplanet.com\/author\/paul-rubens-esp\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/573"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/226"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=573"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/573\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=573"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=573"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=573"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=573"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=573"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=573"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}