Upcoming Events:
Free Global Active Directory Seminar (Barcelona) -> May 16th
Free Global Active Directory Seminar (Lisbon) -> May 17th
Free Global Active Directory Seminar (Madrid) -> May 18th

Three neglected password policy tips that increase security

Most organizations are familiar with the Microsoft password policy and the features it provides. The password policy from Microsoft for Active Directory domains has been the same for over 17 years now. Some organizations have taken the initiative to implement multi-factor authentication, but for most organizations, these technologies are expensive, cumbersome, complex, and require end […]

The top 3 drawbacks to Microsoft password policies

We have all been living with the Microsoft password policy solution for many years now. It has sufficed, for the most part, untill now, due to password security requirements. There are distinct drawbacks with the Microsoft solution that all corporations need to consider to protect themselves against hackers. Even with Microsoft Windows Server 2012 R2, […]

Powerful reporting of historical Active Directory activities

Every Active Directory administrator has needed to get a report of access, activities, and more from the past actions performed against Active Directory. When you need these reports, it is typically mission critical that you obtain them immediately. The problem is that Active Directory does not track the required level of access, activities, and management […]

Active Directory SACL reporting

ManageEngine has stressed the importance of monitoring and alerting on Active Directory changes for years. With this level of monitoring and alerting, you can see and be notified of any key change in Active Directory with an email! That is powerful. To monitor and alert on Active Directory changes, you need to establish the SACL […]

Who said password cracking is dead?

In a recent conference, I was privy to a insightful session on password cracking. No, not pass-the-hash, pass-the-ticket, token manipulation, or other high-tech techniques. Rather, just simple brute force hacks, with some twists. It reinforced what I have been teaching for years, which is that our passwords are nearly worthless. Let me explain. Most organizations […]

Securing user rights on Windows servers

With over 35 user rights to choose from and configure on each and every Windows server, it’s important to pick those that have the highest impact and effect if compromised. First, you need to get the listing of user rights from each server. There are a few options, but an ideal solution is to run […]