Pricing  Get Quote

SOX password requirements

Sarbanes-Oxley password requirements

The Sarbanes-Oxley Act (SOX) was passed in 2002 by the US government to protect shareholders and the public from accounting errors and fraudulent activities in organizations. SOX compliance requires public firms to identify and protect all financial management resources, including reports, applications, supporting systems, and services, according to the specified standards. Noncompliance can result in a fine, imprisonment, or both.

The SOX password requirements are as follows:

Use longer passwords:

Passwords longer than 20 characters are difficult to crack, as they have too many combinations to go through before the right password is guessed correctly.

Avoid common words:

Using phrases like "password", "admin", or "12345" in passwords make them weak, as these are the most frequently used passwords, and can easily be identified via a dictionary attack.

Go beyond passwords:

Enforce multiple identity verification methods for authentication so access to confidential data is secure, even if the password is cracked.

Reduce human intervention in password management:

When the help desk is requested for a password reset, there is no identity verification process to ensure it's a legitimate request. Also, the reset password is typically given in plain text over a messaging application. All of this can increase the chances of the password being stolen.

Make SOX compliance easy with ADSelfService Plus

ADSelfService Plus enables your organization to meet every password requirement needed to achieve SOX compliance. You can enforce these password requirements using a custom policy, which can be applied to chosen users, groups, or organizational units in Active Directory.

Custom password length:

Admins can enforce longer passwords by setting a minimum password length.

Avoiding dictionary words:

ADSelfService Plus provides a built-in dictionary to avoid common words in passwords. Admins can also add their own dictionary.

Sarbanes-Oxley password requirements

Multi-factor authentication:

Secure machine logons, application logons, and virtual private network (VPN) logons with over 15 different advanced authentication methods, including biometrics and YubiKey Authenticator.

Self-service password management:

Enable users to reset forgotten passwords and unlock their accounts without involving the help desk.

Apart from SOX, ADSelfService Plus also helps your organization stay compliant with NIST, HIPPA, PCI DSS, and CJIS regulations.

Other features of ADSelfService Plus

  • 1. Single sign-on

    Implement single sign-on for hundreds of major enterprise applications and custom applications from a single portal. Learn more

  • 2. Password Expiry Notification

    Alert users about passwords that are going to expire through emails, push notifications, and SMS messages. Learn more

  • 3. Password Synchronizer

    Sync the Windows Active Directory user password across various platforms automatically, eliminating password fatigue. Learn more

  • 4. Password Policy Enforcer

    Enforce strong passwords that are equipped to fight dictionary attacks, brute-force attacks, and other password threats. Learn more

  • 5. Directory self-update

    Allow users to update personal information in Active Directory, freeing the help desk from this daunting and repetitive task. Learn more

Simplify SOX compliance with ADSelfService Plus

  Download a free trial now!  Request demo

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by

A single pane of glass for complete self service password management