NMAS and password filter support for Microsoft password vulnerability validation in the cloud

Idea ID 2783775

NMAS and password filter support for Microsoft password vulnerability validation in the cloud

0 Votes
Microsoft on premises and cloud based password ban support.

References:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad-on-premises
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-password-ban-bad

Basically, in the on-premises mode, a fussy match is performed on a password list (an edit distance of 1).
In the cloud setup, a cloud call is made to validate the password against an unpublished database of vulnerable password.

This MS feature ads a password filter (that is able to reject the password if it is vulnerable).
In order to support this,
1. NetIQ's password filter should not sync the rejected password (it should come after the filter of MS)
2. NMAS (SSPR?) should be able to do the same cloud call to validate the password against the unpublished database of vulnerable password

Stefaan
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.