Humans, though they may be slow but they are expert at beating all kinds of smart systems eventually : ). IMO, users like to keep simple to remember and yet complex passwords. As a security ninja with star darts, of your organization, the last thing that you want to happen would be a user account getting compromised because he kept his password as “Password21”

You may have complex active directory password policy enabled along with minimum password length, bad password count, account lockout duration, and conservative security practices, etc. and yet you may fail Active Directory Password Audit for weak passwords.

This is where Active Directory audit for weak passwords helps and implement security measures that discourage or even disallow use of easily guessable complex passwords.

Read More