I have had the benefit of visiting a number of customers to understand how they use our products. Specifically, how they use the breach password dictionary in StealthINTERCEPT Enterprise Password Enforcer. Many actively manage their breach password database to prevent breached passwords from use. In reviewing these password databases, I noticed many contained entries with multiple variations of a single word. Essentially, they were manually adding character substitution or “leetspeak.” For example, the word ‘password’ would have the following entries:…
The post ProTip – The Power of Character Substitution Checks in StealthINTERCEPT Enterprise Password Enforcer appeared first on Insider Threat Security Blog.