Best Practices for Implementing
NIST Password Guidelines
Weak Passwords? NIST Can Help!
Controlling users’ bad password habits poses a major challenge. Aligning your enterprise’s password policy with the latest guidelines from NIST can help encourage better password habits and reduce the risk of account takeover.
Luckily, you can enforce many of these guidelines through the built-in settings provided by most directory services, including Microsoft Active Directory.
Download this best practices guide to get:
A plain-english overview of required, recommended and desirable NIST password guidelines
Detailed instructions to help you use directory services like Active
Directory to enforce password guidelines Advice for how to keep your password policy human-friendly and help your users help themselves
Questions to ask potential solution providers
Even if you don’t use Microsoft Active Directory, this is still a helpful guide to NIST’s latest password recommendations.
Solution: Active Directory Guardian
Automatically detect and reset exposed Windows accounts.
SpyCloud’s account takeover prevention and fraud investigation solutions are backed by the world’s most current and comprehensive repository of recovered stolen credentials and PII. More data, particularly plaintext passwords, means more matches and stronger account protection.