Exchange OWA deployments and brute force attacks

I recently read an interesting article that stated “automated password-cracking software can perform 100 million checks per second – equating to a four-character password being cracked in 0.16 seconds, and a six-character password in just 11.4 minutes.” (SC Magazine, February 2013)

When you think about a typical user password, it is no wonder why Security Administrators are worried about brute force attacks and the safety of their systems and information.  Password security and protection from brute force attacks is important regardless of the systems being secured.  This is especially important for Outlook Web App users as their OWA user ID and password are the same as the Active Directory logon credentials for the corporate network.  Get the OWA logon credentials and the hacker can access the network!

Is it difficult to try a brute force attack on OWA?  Unfortunately, the answer is no.  With today’s computing power and network bandwidth, running through thousands of passwords is easy.  As I was discussing this with a group of IT professionals, one fellow suggested that at least they would still need to guess the email address of the user for the logon.  Of course that’s not much to hope for since the majority of those addresses are widely visible on social networking sites, search engines, and of course, a multitude of free SPAM and UCE (unsolicited commercial email) lists.

If this is of concern, Messageware can help.  Messageware OWA Guard offers advanced Microsoft Exchange and OWA authentication security to help protect businesses and users from a variety of logon attacks.   Learn more by having a look at Messageware OWA Guard or touch base with Messageware for a web demonstration.