nFront Password Filter

Now compatible with Windows 2008!

nFront Password Filter is a password policy tool that allows up to 6 different password policies in the same Windows domain. Each password policy has many granular settings and can be associated with one or more global or universal security groups. nFront Password Filter allows you to strengthen network security by preventing the use of weak, easily hacked passwords.

In addition to enhancing the password policy for Windows Active Directory nFront Password Filter is also available in a version that filters the passwords created on Microsoft SQL Server 2005.

Who is enforcing your password policy?

Windows gives you the tools to control password length, history and expiration, but no control over password complexity. Without nFront Password Filter it is highly likely that weak, easily cracked passwords are allowed on your network.

Consider the following standard Windows policy:

THE WINDOWS PASSWORD POLICY ABOVE DOES NOT PREVENT ANY OF THE FOLLOWING PASSWORDS

aaaaaa	abcdef	123456
januarypw	februarypw	marchpw
myuserid	mydogsname	mywifesname

Now Consider The Robust Policy Capabilities With nFront Password Filter

Controlled by Group Policy

nFront Password Filter is controlled using familiar Group Policy Object configuration. After installation of the software on all domain controllers, simply create a new GPO, load one of our provided templates and configure your policies. It's that easy!

Granular Password Policies

nFront Password Filter gives you granular control over your password policies. It can put min and max limits on specific types of characters, reject passwords that contain userids and even check a new password against a multi-language dictionary with over 2 million words in less than 1 second.

Multiple Policies

nFront Password Filter MPE allows you to have up to 6 different password policies in the same Windows domain. Each policy can be associated with one or more global or universal security group. You can have strong password polices for Administrators and those with access to more privileged information (credit card data, tax information, etc.). You can also associate weaker policy with other groups like "Mainframe Users."

Policies that cannot be bypassed

nFront Password Filter is not some set of Java rules on a website that are easily bypassed. nFront Password Filter is integrated into the operating system and runs in kernel mode. The polices you create cannot be bypassed with an alternative password change mechanism.

Dictionary Checking

nFront Password Filter goes beyond giving you control over character types and includes a very fast dictionary check feature. In less than 1 second, nFront Password Filter can scan a 2 million word dictionary and ensure that the user's proposed new password is not contained in the dictionary file!

Optional Client to help end users

nFront Password Filter comes with an optional client that you can deploy to end-user workstations. You can choose to include your own custom message to the end user or our default password rules or both. You can also display a password strength meter. All settings, of course, are controlled by GPO.