IAM Capability: Password Complexity Management

By Zach DeMeyer Posted January 12, 2019

Identity and Access Management Capability: Password Complexity Management

Passwords are still one of the most dominant forms of authenticating users. With the number of data breaches hitting the news constantly on the rise, it’s astounding that people still use passwords like “password” or “123456,” the two most popular passwords of 2018. The challenge for IT admins is finding the best ways to help(/enforce) their end users to create strong, intricate passwords. The identity and access management capability for password complexity management is helping IT admins accomplish this task.

Passwords Through the Years

self-service password resets

Historically, user identities were located on-prem, and generally based in a directory service like Microsoft® Active Directory®. Identities were mainly leveraged to access the user’s system, which resulted in instant access to their Windows-based networked resources. Because the identity was primarily only used to access these on-prem machines, passwords only had to be complex enough to prevent a potentially mischievous coworker from changing your desktop background.

That all changed with the advent of the Internet, as user accounts became accessible from virtually anywhere. Hackers realized that the fastest way to compromise networks and access confidential information, credit cards, social security numbers, and more was through user identities. And so, the war against passwords began. A whole generation of approaches to compromise identities, including phishing, began their onslaught on undermining weak passwords.

Enforcing Strong Passwords

In the cat and mouse game of IT security, admins and MSPs started to realize that they needed to teach their end users on how to create strong passwords and then enforce their password requirements through tooling. In order to best protect identities, passwords needed to be longer, complex, unique, and rotated appropriately. In fact, many compliance statutes started to require a variety of password complexity settings.

While training end users was a great start, many IT organizations required an identity and access management capability for password complexity management. It became a major hassle to use add-on solutions to enforce password requirements, instead of having the directory do the job itself. This feature of an IAM platform would ensure that an organization’s settings would be met by all users creating passwords in the system. The further benefit would be that the best identity management solutions would also connect users to virtually all of their IT resources ensuring that the strong passwords would be leveraged wherever possible.

Password Complexity Management Through IAM

JumpCloud® Directory-as-a-Service® is a cloud-based directory service and full IAM platform. Among a host of capabilities, one such IAM capability available in Directory-as-a-Service is configurable password complexity requirements. Applied through the web-based console, password complexity can be enforced across entire user groups and system fleets.

If you are interested in stepping up your passwords, or just learning stronger password techniques in general, feel free to contact us to get more information. If the IAM capability for password complexity management sounds intriguing to you, consider signing up for JumpCloud to try it absolutely free.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts