Modern password policies are comprised of many different elements that contribute to its effectiveness. One of the components of an effective current password policy makes use of what is known as a custom dictionary that filters out certain words that are not allowed as passwords in the environment.
Using custom dictionaries, organizations can significantly improve their cybersecurity posture and filter out obvious passwords that provide poor security for user accounts.
When using password dictionaries in your password policy, there are many different approaches to consider. First, let’s consider crafting a custom dictionary for your password policy, including general guidance on how these are created, configured, and how you can easily use custom dictionaries in an active directory environment.
Why customize your dictionary?
Custom dictionaries are born from the need to “think as a hacker thinks.” Compromised credentials are one of the leading causes of malicious data breaches across the board. They are also one of the most expensive to organizations. IBM’s Cost of a Data Breach Report 2020, compromised credentials increased the average total cost of a breach by nearly $1…