Don’t share them. Don’t write them down on Post-it notes. Don’t forget them. Make them hard to guess, but still easy to remember.
As an administrator, you’ve probably shared these cardinal rules of password management with your end users dozens of times. But what do those users go and do? If rising cyber attacks are anything to go by, they don’t bother with these rules and fall back into unsafe practices.
Passwords are the most important component of cybersecurity and often the first and strongest line of defense against hackers. That’s why World Password Day is organized on the first Thursday of May every year. The goal is to help users and organizations improve password management techniques by sharing security tips and resources. This year, ManageEngine is ready to do its part.
Here are three free tools that will help you simplify password management for end users and improve password security in your organization.
Password Expiration Notification Tool
Let’s be frank—nobody pays attention to the password expiration reminder in Windows. The small pop-up window is as ineffective as it is obscure. What’s more, it doesn’t work for VPN, OWA, Mac, and BYOD users.
Our Free Password Expiration Notification Tool helps you remind users about their soon-to-expire passwords via SMS, email, and push notifications. You can set up notifications so that users receive alerts incrementally, with more frequent notifications as the expiration date nears. You can also provision custom notifications to suit your requirements, and send summary reports about password notifications to specific email addresses.
Best of all, this tool is completely free. There is no restriction to the number of domains or users you can configure. Download it here.
Empty Password Users Reporting Tool
Having AD user accounts with empty passwords is plain blasphemy. You might as well give hackers your domain account password and invite them to snoop around the network. Even if your domain password policy doesn’t accept blank passwords, it’s still possible to set the PASSWD_NOTREQD property flag under users’ userAccountControl attribute, letting users log in to the AD domain without a password.
To combat this, our Empty Password Users Reporting Tool helps you find users with empty passwords in your domain. Once it scans your domain and lists the user accounts that have blank passwords, you can then reset their passwordsto keep your domain secure. This tool is available as part of our AD free tools suite. You can find more information about it here.
Granular Password Policy Enforcer
Since the turn of the century, Microsoft has gone through three CEOs, five client operating systems, and six server operating systems. Despite these changes, and apart from the addition of fine-grained password policies, the Windows domain password policy has remained the same. Meanwhile, hackers have found sophisticated methods to blast through weak passwords, such as dictionary attacks, brute-force attacks, etc.
Our Password Policy Enforcer helps you implement strong password policies in your domains based on groups and OUs. It comes with eight new password rules that are not available in the default domain password policy, including dictionary rule, pattern checker, and more. This feature is available as part of ADSelfService Plus, an integrated self-service AD password management and single sign-on solution. However, there is one caveat—it is only free for a maximum of 50 users. On the bright side, you get a lot more with ADSelfService Plus, including self-service password reset and account unlock, a multi-platform password synchronizer, single sign-on, a directory self-updater, and other great features. Download the free edition of ADSelfService Plus here.