Controlled by Group Policy

nFront Password Filter is controlled using a single Group Policy Object configuration. After installation of the software on all domain controllers, simply create a new GPO, load one of our provided templates and configure your policies. It's that easy!

Password Policy Rules to Enforce the use of Passphrases

Passphrases are simply long passwords like "The dog ate my newspaper." or "I love Chocolate!" Such phrases make great passwords because they are long and long passwords are generally always superior to shorter ones. However, such phrases usually contain dictionary words and can be rejected by dictionary filtering. With nFront Password Filter you can skip dictionary filters for passwords over a specified number of characters. So long passwords may contain dictionary words but short passwords may not.

Policies that cannot be bypassed

nFront Password Filter is not some set of Java rules on a website that are easily bypassed. nFront Password Filter is integrated into the operating system and runs as a thread under the local security authority (the lsass.ese process). The polices you create cannot be bypassed with an alternative password change mechanism.

Dictionary Checking

nFront Password Filter goes beyond giving you control over character types and includes a very fast dictionary check feature. In less than 1 second, nFront Password Filter can scan a 2 million word dictionary and ensure that the user's proposed new password is not contained in the dictionary file!

nFront Password Filter ships with a 27,000 word customizable, plain-text dictionary. The dictionary check feature looks for a case-insensitive exact match (instead of a substring match) between the proposed new password and each entry in the dictionary. The substring search feature can be enable to look for the dictionary word anywhere within the password. You can customize the dictionary by editing the file in Notepad or any other text editor of your choice.

SYSTEM REQUIREMENTS FOR NFRONT PASSWORD FILTER

• Windows 2008, 2008 R2, Server 2012, Server 2012 R2, Server 2016, Server 2019, Server 2022
• x64 supported for all OS
• 5 MB free disk space (additional 30GB required if checking local breached password file)
• 5 minutes of time per domain controller to install
• 30 minutes of time per domain to configure and test.

SYSTEM REQUIREMENTS FOR NFRONT PASSWORD FILTER CLIENT

• Windows 7, Windows 8, Windows 8.1, Windows 10, and Windows 11. It may also be installed on servers and DCs that are Windows 2008 and above.
• x64 supported for all OS
• 5 MB free disk space
• We suggest an automated deployment using a software GPO or a tool like Microsoft System Center.

nFront Web Password Change
A Password Change Portal that is "nFront" aware.

The nFront Web Password Change is a password change portal for AD users which is "nFront Password Filter" aware.  It is a small software package that you install on Internet Information Server.  It understands the password policies defined with nFront Password Filter. When the user enters his or her name and tabs to the next field the password policy rules that apply to the specific account are retrieved and displayed.  If the user attempts a password change that is disallowed by nFront Password Filter a more detailed failure message will be displayed and the user will be given another attempt to change his or her password.

nFront AD Disabler
Never worry about dormant accounts again.

Wouldn't it be nice to automatically disable any accounts that have not logged on in three weeks?

nFront AD Disabler can automatically disable inactive and dormant accounts within your Windows Active Directory. Disabling inactive accounts is not only a security best practice but it is also part of the PCI compliance requirements and the IRS 1075 guideline.