![]() ![]() On top of this, since employees often use multiple devices, numerous productivity applications, Windows services, and more, the password overlap could set off the account lockout from any of these. This type of account lockout while not as prevalent is far more difficult to resolve, because the root cause of the account lockout is often obscure. Password overlap due to cached credentials.Though this type of password reset is prevalent, resolving it simply requires verifying the user’s ID and resetting the AD account password. This makes it extremely challenging for an average employee to keep track of what passwords are in use resulting in frequent account lockouts. In addition to accessing their desktop and VPN, a vast suite of applications like Outlook, Dropbox, G Suite, Salesforce, Amazon Web Services (AWS), and more require the use of unique passwords. Without the use of a single sign-on, an employee on average uses approximately 27 passwords for their business needs. Careless employees forgetting their passwordsĪn organization is only as strong as its weakest link.Almost all AD lockouts are caused by one of these two fundamental issues. ![]() The account lockout policy is a built-in security measure that limits malicious users and hackers from illegitimately accessing your network resources. ![]() It’s vital to understand why the wrong password was repeatedly used, i.e., whether its use was malicious or not, because not knowing this information could result in unwanted access. This is why there’s a pressing need to analyze and detect the root cause of an account lockout quickly so user accounts don’t remain locked out long. And with employees switching between multiple devices and collaborating using numerous applications, finding the source of an AD account lockout has become harder than ever. With password reset requests accounting for almost 30% of the total IT help desk tickets, resolving frequent account lockouts becomes an indispensable part of a sysadmin’s job. A stringent account lockout policy is vital to derail password guessing and brute-force attacks but it also runs the risk of locking out legitimate users costing businesses valuable time, money, and effort. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |