Enzoic for Active Directory uses a partial hash comparison approach through Enzoic’s Password API. This allows you to check whether a given password is known to be compromised, without the exact password or hash leaving your environment. It is only necessary to supply the first 10 hex characters of a hash. A list of candidate hashes will then be returned and compared locally with the exact hash to determine if there is a match.
What information is sent to the Enzoic servers? Print
Created by: Waymon Barnette
Modified on: Mon, 30 Jan, 2023 at 3:52 PM
Did you find it helpful? Yes NoSend feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.