Enzoic for Active Directory

Enable AD password policy enforcement and secure passwords with daily screening for exposed password

Complete Password Protection and Continuous Active Directory Monitoring

A password that was safe yesterday may not be safe today. That’s why it’s important to screen for compromised passwords continuously.

With Enzoic for Active Directory, enterprises can secure their business and employee accounts by eliminating unsafe passwords and easily adopting NIST password requirements.

Get Active Directory security with:

Automated compromised password detection
Full credentials monitoring
Continuous ongoing password monitoring
Custom password dictionary
Blocking of username derivatives
Fuzzy matching with common character substitutions

Try the free password auditor and check for your domain's password vulnerabilities.

Fresh Exposed Password Data

Enzoic indexes newly compromised passwords on a daily basis so your organization is immediately protected. Our data is sourced from the public Internet, Dark Web and private sources. It is updated continuously by proprietary automated processes and human threat intelligence.

End Forced Password Reset

By continuously monitoring for compromised credentials, organizations can stop enforcing periodic password resets, meaning that users only need to change their password if it is compromised. This reduces IT help desk costs and improves security because users will choose better passwords if they don’t have to change them frequently.

Continuous Password Monitoring

Enzoic for Active Directory allows for real-time blocking of unsafe passwords at set-up and then automatically provides continuous monitoring of those same passwords to ensure they don’t become vulnerable later. This is essential because a password that was safe yesterday, may not be safe today.

We selected Enzoic for Active Directory because it automates compliance with the NIST password guidelines and it can be installed in just a few minutes. It includes continuous exposed password filtering and if bad passwords are found, remediation is automated so it does not create any additional work for our IT team. The custom local dictionary enables us to block our company name, product names and some of the common words our employees may choose to use. The experience is seamless for our users. It only impacts the users that are using bad or exposed passwords, all other accounts are protected without any additional friction.
PETER RIOS, IT NETWORK MANAGER MANAGEMENT INFORMATION SYSTEMS, KINGSTON TECHNOLOGY

Better security, better user experience, save time and reduce admin costs.

Get a Demo

Secure Active Directory Passwords

Using a standard password filter object, Enzoic allows you to create a “set and forget” AD password policy to detect password vulnerability in Active Directory, as well as hybrid Azure AD environments, and third-party Active Directory password reset tools.

When a new password is being created, a partial hash is evaluated against Enzoic’s database to check to see if the password has been seen in a data breach, is easy to guess, is commonly used, or matches your configuration settings that may make the password vulnerable to your specific environment.

Then daily monitoring against Enzoic’s continuously updated database detects if a good password becomes unsafe. Enzoic automates remediation with a variety of configurable actions that include requiring an Active Directory password reset.

Download and run the installation wizard on each domain controller.

Initial installation and configuration typically take 15 minutes or less, though this may vary depending on the complexity of your environment.

Get Started

For more information on Enzoic for Active Directory, please visit our AD Technical Documentation or Knowledge Base.

Enzoic for Active Directory provides:

One-click NIST password compliance screen
AD password policy blocking user credentials
Customizable and brandable notification
Periodic summary report for admins

Root password & similar password detection
Automated compromised user reporting
Easy SIEM integration

Make detecting and eliminating compromised passwords in AD easy and frictionless with a simple plug-in.

The Risks Azure AD Password Protection Ignores: Compromised and Blacklisted

How to Solve the Password Problem

SANS Analyst Program, “Fighting Back Against Compromised Credentials”

Bolstering AD Password Policies

Breaches happen virtually every day. To head off hackers, a dynamic solution that addresses NIST guidelines and cross-references passwords against a continuously updated database is critical. Microsoft Azure AD Password Protection may prevent simple password weaknesses, but misses attacks including: brute force, advanced persistent threats, and credential stuffing. Enzoic's dynamic solution provides protection at the password layer. It draws on our proprietary database of multiple billions of unique exposed passwords and our dynamic list that is updated multiple times daily. Our approach ensures that passwords are cross-referenced against data from the most recent breaches and easily addressing NIST's real-time detection requirements.

As credential theft continues to rise, what can be done to ensure password security? The more layers of authentication, the more difficult it is for someone to access an account that’s not their own. However, 2FA and MFA have limitations: user friction, device compatibility, and cost. Harden the password layer. Employ the Active Directory policy of checking passwords against a blacklist of compromised credentials. Enzoic helps organizations can strengthen passwords without impacting the user experience.

Passwords are the weakest link in enterprise security because they rely on fallible human memory and practices. More than 60% of survey respondents indicated their organization had experienced a security breach in the last year. The most frequent breaches involved passwords being compromised and malware attacks. Satisfy enterprise security requirements and minimize the impact on end-user productivity by enabling user authorizations for enterprise applications, data, and IT services. Improve security with Enzoic’s on-going password check against a continually updated list of compromised passwords.

Get Free Access to Enzoic for Active Directory

Start Now

Enterprise Security

Built for the most security conscious organization.
Read our Security Overview

Automation Can Help Save The IT Team Time and Energy

The goal of Enzoic for Active Directory is to allow IT to set it up and then just let it run. When an existing password becomes vulnerable, the remediation steps are automated instead of manual intervention.

Enzoic for Active Directory can meet all the NIST password policy guidelines. It serves as a comprehensive, automated password blacklist that filters for weak, commonly-used, expected, and compromised passwords.

Organizations have unique needs, so automated responses can be customized when compromised or weak passwords are found. The organization can select the appropriate automated action and the timeline for that action. Alerts can also be sent to the user, the help desk and/or an admin.

Enzoic for Active Directory

Enable AD password policy enforcement and secure passwords with daily screening for exposed password

Complete Password Protection and Continuous Active Directory Monitoring

Better security, better user experience, save time and reduce admin costs.

Secure Active Directory Passwords

Enzoic for Active Directory provides:

One-click NIST password compliance screen

AD password policy blocking user credentials

Customizable and brandable notification

Periodic summary report for admins

Root password & similar password detection

Automated compromised user reporting

Easy SIEM integration