topic Re: Credential Protection \ Password Reuse in Endpoint

Credential Protection \ Password Reuse

YaseminAygur — Tue, 18 Apr 2023 13:25:05 GMT

Hello,

I am using cloud harmony endpoint and I wanted to test the prevent password reuse feature. However, I was unsuccessful.What should I pay attention to? Can you help with any steps you can suggest?

Re: Credential Protection \ Password Reuse

Chris_Atkinson — Wed, 19 Apr 2023 02:38:07 GMT

Which blades are deployed to the client and how was the testing performed?

Were the protected domains configured and policy saved/installed...

For reference the corresponding section of the admin guide is linked below.

https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/Harmony-Endpoint-Admin-Guide/Topics-HEP/Web-and-Files-Protection.htm?Highlight=credential#Credenti

Re: Credential Protection \ Password Reuse

YaseminAygur — Wed, 19 Apr 2023 12:10:17 GMT

I followed all the steps in the admin guide, but I couldn't find where I was missing.

I created a policy in Threat Prevention.
I set it to "prevent" in the web and file protection tab for zero phishing and password reuse.
I added both the domain controller ip address and the domain name to the protected domain part.
I saved the policy and installed it on the computer I want to test.
On my test computer, I clicked update now for the client to receive the policies.
I have activated web extension for chrome and edge.
Then, I tried to enter a site (eg facebook or sahibinden.com) with my domain password, and there was no blocking.

I added the domain as adscanner. But is there a setting I need to make elsewhere?

Re: Credential Protection \ Password Reuse

Chris_Atkinson — Wed, 19 Apr 2023 13:24:35 GMT

What format was used for the domain that was specified and which client & OS versions are involved?

At a certain point this might be easier to have a remote session with TAC to investigate further.

Re: Credential Protection \ Password Reuse

AdiGH — Thu, 20 Apr 2023 10:08:18 GMT

Hi,

You will need to login to a protected site at least one time in order for the protection to work.
Did you do it?

Thanks,
Adi

Re: Credential Protection \ Password Reuse

YaseminAygur — Tue, 25 Apr 2023 09:06:16 GMT

Thank you for the answer. For example I have two domains dgs.lab and dgs.local.I added these domains to protected domains and defined them as adscanner.I tried the test on two different machines. One is windows server 2019 in dgs.lab domain, the other is Workgroup windows 10.I didn't get good results with either of them. I have forwarded the issue to the technical team.As you said, it makes sense to have a remote session with them.

Re: Credential Protection \ Password Reuse

YaseminAygur — Tue, 25 Apr 2023 09:13:07 GMT

Hi,

Thanks for your answer.I can login to any site with my domain password from my protected domain environment.I tested this and I can still login.

Re: Credential Protection \ Password Reuse

AdiGH — Thu, 27 Apr 2023 09:00:42 GMT

Hi @YaseminAygur
Please reach out to me via email with the details of the steps you followed and I'll help you get this resolved. My email address: adigo@checkpoint.com