Password security and compliance

Password security and data compliance

Businesses are responsible for storing and sharing information properly. Past incidents such as Yahoo's massive data breach, which compromised the sensitive information of millions of users, highlight why business owners are so worried about data security in their organizations.

A data breach not only puts users' privacy at risk, but also irreversibly impacts a company's finances and reputation. This is why businesses need to adhere to compliance mandates like the GDPR, PCI DSS, and HIPAA to keep their data safe, and that's where ADSelfService Plus lends a hand.

Password security best practices

Data compliance regulations are revised regularly, taking insights from password cracking experts, hacker behavior, and previous breaches. Here's what the regulations have to say about password security best practices:

GDPR: The GDPR was enacted by the European Union and focuses on regulations to properly collect, store, and handle individuals' personal and sensitive data.
Password security guidelines:
  • Minimum password length should be 8 characters
  • Old passwords must not be repeated
  • Passwords should not contain personal information or dictionary words
  • Passphrases are recommended for passwords

HIPAA: HIPAA includes standards to safeguard the health information of individuals that is handled by any business, institute, or agency.
Password security guidelines:
  • Minimum password length should be 8 characters
  • Password hints and common dictionary words should be avoided
  • Passwords must be unique and easy to remember

PCI DSS: The PCI DSS includes regulations that businesses handling sensitive cardholder data must comply with.
Password security guidelines:
  • Minimum password length should be 7 characters
  • Passwords must be alphanumeric in nature and stored with encryption
  • Passwords must be regularly reset and old passwords should not be reused
  • The allowed number of failed logon attempts must be limited
  • Users must be authenticated with stringent MFA techniques

Essential Eight: The Essential Eight comprises baseline mitigation strategies put forth by the Australian government to amp up the cyberdefense of organizations.
Password security guidelines:
  • Users must be authenticated with MFA techniques
  • Restricted resource access must be given to users and admins

CJIS: The CJIS, a division of the Federal Bureau of Investigation of the US, sets standards and appropriate controls to protect, transmit, store, and access criminal justice information.
Password security guidelines:
  • Minimum password length should be 8 characters
  • Passwords should not be dictionary words, usernames, or previously used passwords
  • Passwords must be changed every 90 days and must be stored securely

SOX: The SOX Act was enacted by the US government to safeguard shareholders and the public from accounting errors and fraudulent activities in organizations.
Password security guidelines:
  • Passwords must be as long as possible
  • Common words must be avoided while creating passwords
  • Users must be authenticated with MFA techniques

NIST: The NIST standard, drafted by the National Institute of Standards and Technology, is the most influential, recommended standard for creating strong passwords that cannot be hacked.
Password security guidelines:
  • Password length is more important than complexity
  • Frequent password resets must be avoided
  • The allowed number of failed logon attempts must be limited
  • Passwords must be encrypted and stored securely
  • Giving hints to users while entering their passwords should be avoided

How ADSelfService Plus helps with password security and compliance

Password policy enforcer

  • Allows you to enforce a custom password policy that integrates with the built-in AD password policies.
  • Helps enforce requirements like restricting dictionary words, patterns, and palindromes, and mandating the number of special, numeric, and Unicode characters that must be used.

Access policy

  • Allows you to define any number of self-service policies in a given domain.
  • Provides options to restrict the number of failed identity verification attempts, limit the self-service password reset frequency, enable CAPTCHA code verification during logins, analyze password strength, and more.

MFA

  • Offers MFA support for application access, both cloud-based and on-premises, as well as for endpoints.
  • Offers around 20 authentication factors, including biometrics, Duo Security, TOTPs, YubiKey, and smart cards.

An enhanced, user-friendly console that eases your IT burdens

Password policy enforcer

1. Advanced fine-grain capabilities: Assign fine-grained password policies to users belonging to different groups and OUs as needed.

2. Customize complexity requirements: Choose the minimum number of complexity requirements your users' passwords should satisfy as per your organization's security needs.

Access policy

1. Unique passwords: Enforce AD password history settings during password resets to restrict the use of old passwords.

2. Ctrl+C and Ctrl+V: Allow or prevent copying and pasting passwords in password fields.

Multi-factor Authentication

1. Ample authenticators: Choose from around 20 different authenticators to set up MFA for your users.

Benefits of using ADSelfService Plus for password compliance

  • Compliance with regulatory standards: Ensure your organization complies with NIST SP 800-63B, PCI DSS, Essential Eight, CJIS, SOX, GDPR, and HIPAA compliance mandates.
  • Simplified auditing and tracking: Give administrators a holistic overview of their users' password and account statuses through several comprehensive reports and make data collection for legal auditing easy.
  • Flexibility and security: Create different policies for different types of users in the organization according to their role and level of access to sensitive data. Ensure users create strong passwords that are immune to cyberattacks.
  • Control and consistency: With approval-based self-service, give admins control over users’ self-service actions and ensure that they are handled in a secure, consistent manner.

Highlights

Password self-service

Free Active Directory users from lengthy help desk calls by letting them reset their passwords and unlock their accounts themselves. The ADSelfService Plus 'Change Password' console also gives Active Directory users a hassle-free way to change their passwords.

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on in ADSelfService Plus, users can access all their cloud applications with their Active Directory credentials.

Password/Account Expiry Notification

Notify Active Directory users of their impending password or account expiry by emailing them expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, Google Workspace, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats by requiring Active Directory users to create compliant passwords and displaying the password complexity requirements to them.

Directory Self-Update and Corporate Search

A portal that lets Active Directory users update their own information, plus a quick search facility for finding information about peers using search keys, such as the contact number, of the person being searched for.
