The Periodic Summary Report is found in the Admin Notification section within the Settings tab. It is an automatically generated report that can be sent on a monthly, weekly, or daily interval. For more information on how to set up the report, click here.
This report is a great way to give admins a powerful tool that provides valuable insights into data trends over time. While the report is fairly straightforward, this article is designed to provide additional context and clarification around each of the items listed.
Please note: The Periodic Summary Report is currently a month-long cumulative report. It's important to understand that the cumulative nature of the report means that the data presented will increase incrementally until the end of the month. This means that when you opt to receive the report on a daily or weekly basis, you will not receive a separate report for each time interval, but rather the report will grow progressively over the month, accumulating data as each new period is included.
The report can be broken up into two sections. The top half is dedicated to password change attempts. While the bottom half gives information regarding good passwords that have been cached and are being monitored on a daily basis.
As mentioned above, the top section is reserved for password change attempts.
Total Password Change Checks: How many monitored users attempted a password change since the beginning of the month.
Total Password Changes Blocked: Of those users that attempted a password change, how many of their passwords were rejected.
The next listed items go in-depth into why a password attempt was blocked. With the exception of the Custom Dictionary, all of the following items are from the policy settings within the Monitoring Policies section of the console.
Please note: This report lists every policy setting, even if it is not enabled within your console. If you do not have a certain setting enabled, it will still show up in the report, but will simply have a zero next to it. For more information on each of the policy settings, click here.
Exact Match with Compromised Password: The password the user is attempting to use was found in a data breach or cracking dictionary.
Fuzzy Match with Compromised Password: The password the user was attempting was normalized and then found to be used in a data breach or cracking dictionary.
New Password too Similar to Previous Password: The password the user was attempting was too similar to their last password.
Password Found in Custom Dictionary: A user attempted to use a word in the custom dictionary.
Root Password Compromised: A user attempted to use a weak or compromised word that is surrounded by numbers and special characters (IE: 123@Password456!). Root password detection strips away the numbers and special characters and evaluates the core word.
Password Contained User Email: A user attempted to use a password that contained their email.
Password Contained Login Name: A user attempted to change their password to something that contains their NT login.
Password Contained First/Last Name: A user attempted to change their password to something that contains their first and/or last name.
Credentials Compromised: A user attempted to change their password to something that hit on the credential combination of their username and password together.
In addition to checking password attempts as they come through, Enzoic also reviews each password it has cached on a daily basis to see if any new breaches have compromised users' passwords.
Total users selected for monitoring: This is the total number of users that are currently being monitored by Enzoic.
Users Protected: Total number of users currently with good passwords.
Users Unprotected: Total number of users that need to change their password
Total Checks: This is the total number of times Enzoic has checked the cached passwords
Total Detections: This is the total number of compromises Enzoic has found from the users it’s monitoring.
The rest of the report lists the same policy settings as the top but refers to compromises found in daily checks, rather than password attempts.