We’re excited to announce our newest Integrated Password Strength Evaluator feature. The Integrated Password Strength Evaluator uses Impart Security’s practitioner-proven algorithm to heuristically evaluate password strength, thus enabling security people like you to confidently check password strength’s effectiveness within any runtime rule script.
Impart’s integrated API security platform’s purpose is to empower security people to “see risk, drive actions to reduce risk, and drive efficiency”. Here, we’ll outline how our new Integrated Password Strength Evaluator feature demonstrates the values we stated above for you:
1. See risk – What needs to be secured?
Based on prior experience, we know that compromised or weak passwords are a very high indicator of account takeover attempts (ATO). With our Integrated Password Strength Evaluator, you will be able to see ATO attempts happening in real time without having to sort through a bunch of noisy signals like user agents or IP addresses.
2. Drive actions to reduce risk – How can I fix the risks I identified?
Now you can add detections easily into rate limiting or blocking rules, and therefore block ATO attempts with higher confidence without risking any negative impact to production.
3. Drive efficiency – How do the actions I’ve taken benefit my company and make me more effective?
Having the ability to quickly add password evaluator logic into any request or response rule helps you to streamline your workflow and work more efficiently. Without this, you would have to implement this custom logic elsewhere such as in a serverless platform or natively in your application, and waste more time sifting through false positives.
Follow us on LinkedIn to stay tuned for our latest features and news.
*** This is a Security Bloggers Network syndicated blog from Impart Security Blog authored by Impart Security Blog. Read the original post at: https://www.impart.security/blog/hold-account-takeover-attempts-at-bay-with-new-integrated-password-strength-evaluator