Enzoic for Active Directory uses a partial hash comparison approach through Enzoic’s Password API. This allows you to check whether a given password is known to be compromised, without the exact password or hash leaving your environment. It is only necessary to supply the first 10 hex characters of a hash. A list of candidate hashes will then be returned and compared locally with the exact hash to determine if there is a match.
What information is sent to the Enzoic servers? Print
Created by: Waymon Barnette
Modified on: Fri, 11 Jun, 2021 at 6:24 PM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.