- Free Edition
- Quick Links
- MFA
- Self-Service Password Management
- Single Sign-On
- Password Synchronizer
- Password Policy Enforcer
- Employee Self-Service
- Reporting and auditing
- Integrations
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- Exchange Reporter Plus Exchange Server Auditing & Reporting
- EventLog Analyzer Real-time Log Analysis & Reporting
- M365 Manager Plus Microsoft 365 Management & Reporting Tool
- DataSecurity Plus File server auditing & data discovery
- RecoveryManager Plus Enterprise backup and recovery tool
- SharePoint Manager Plus SharePoint Reporting and Auditing
- AD360 Integrated Identity & Access Management
- Log360 (On-Premise | Cloud) Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools
What is the DoD?
The Department of Defense (DoD) is the United States federal agency responsible for national security and managing the armed forces. Given the sensitive and critical nature of its operations, the DoD enforces stringent policies to protect its information systems and data from unauthorized access. Compliance with these policies is mandatory for DoD personnel, contractors, and affiliated organizations to ensure the integrity, confidentiality, and availability of defense-related information.
What are the DoD password requirements
The following table explains the password policy requirements of the DoD and how ADSelfService Plus helps your organization comply with them.
| DoD requirement | Requirement description | How ADSelfService Plus helps satisfy the requirement |
|---|---|---|
| Minimum password length | Passwords must be at least 15 characters long for systems without MFA. If the system does not support 15 characters, a minimum length of 6 characters must be used. | ADSelfService Plus enables you to implement adaptive MFA across endpoints, significantly strengthening user authentication and reducing reliance on password length alone. For systems without MFA, ADSelfService Plus allows you to enforce a minimum password length of 15 characters, fully aligning with DoD requirements. If technical constraints prevent 15-character passwords, you can configure a minimum length of 6 characters. |
| Password complexity | Passwords must include uppercase letters, lowercase letters, numbers, and special characters. | ADSelfService Plus enables you to configure the number of upper case, lower case, numeric, special, and unicode characters that users must include in their passwords. |
Simplify DoD compliance using ADselfService Plus
ADSelfService Plus' Password Policy Enforcer satisfies DoD requirements and can be enforced for all or specific AD users based on their domain, OU, or group membership. With its adaptive MFA techniques, ADSelfService Plus ensures your organizational identities are effectively secured for a comprehensive Zero Trust environment.
- Enforce minimum password length: Mandate passwords of at least 15 characters for systems without MFA, as required by the DoD.
- Ensure password complexity: Require passwords to include uppercase, lowercase, numeric, and special characters, fully meeting DoD standards for complexity.
- Ban weak and compromised passwords: Block the use of leaked, weak, or easily guessable passwords, including dictionary words, repetitive or sequential characters, and palindromes, to reduce the risk of credential-based attacks.
- Mandate MFA for users: Secure user access to sensitive defense-related data by enabling adaptive MFA for endpoints, such as for machine logons, application logons, VPN logons, RDP logons, and OWA logons. Choose from a range of 20 different MFA authenticators, including FIDO passkeys and biometrics, to verify users' identities, helping organizations satisfy DoD recommendations for strong authentication even though MFA is not yet mandated.
- Enforce password history: Ensure password strength by enforcing password history during native password resets in the Windows Active Directory Users and Computers (ADUC) console.
- Password Policy Enforcer
- MFA
Restrict users from reusing any of their previously used passwords during password creation.
Configure the minimum password length and the inclusion of alpha-numeric characters in passwords.
Choose the minimum number of complexity requirements your users' passwords should satisfy as per your organization's security needs.
Choose from a plethora of different authenticators to verify your users' identities.
Secure all endpoints in your network using MFA.
Highlights of ADSelfService Plus
Password self-service
Eliminate lengthy help desk calls for Windows Active Directory users by empowering them with self-service password reset and account unlock capabilities.
One identity with single sign-on
Gain seamless one-click access to more than 100 cloud applications. With enterprise single sign-on, users can access all their cloud applications using their Windows Active Directory credentials.
Password synchronization
Synchronize Windows Active Directory user passwords and account changes across multiple systems automatically, including Microsoft 365, Google Workspace, IBM iSeries, and more.
MFA
Enable context-based MFA with 20 different authentication factors for endpoint, application, VPN, OWA, and RDP logins.
Password and account expiration notifications
Notify Windows Active Directory users of their impending password and account expiration via email and SMS notifications.
Password policy enforcer
Strong passwords resist various hacking threats. Enforce Windows Active Directory users to adhere to compliant passwords by displaying password complexity requirements.
