SOURCE: Lieberman Software Corporation

Lieberman Software Corporation

November 07, 2017 06:00 ET

Lieberman Software Survey Reveals Microsoft LAPS Causing Headaches for IT Administrators

Survey Polls IT Professionals About Their Knowledge of Microsoft LAPS' Known Security Weaknesses and Management Challenges

LOS ANGELES, CA--(Marketwired - Nov 7, 2017) - To prevent unauthorized access, computers need unique -- and frequently changing -- local account passwords. Some IT professionals attempt to accomplish this task with a free tool called Microsoft LAPS (Local Administrator Password Solution).

However, according to a Lieberman Software survey at Microsoft Ignite 2017, many Microsoft LAPS users still have problems managing local passwords, and are considering upgrading to a commercial, enterprise-grade alternative.

According to the survey, nearly two-thirds of respondents (65%) admit they use Microsoft LAPS because it's free. But 42% of those surveyed intend to migrate to a paid enterprise password management solution. 

Survey Reveals the Management and Security Risks of Microsoft LAPS

Almost half (47%) of all survey respondents have experienced problems with LAPS managing systems that are not connected to Active Directory. The reason for this figure may be because Microsoft LAPS only operates on connected machines. This means that systems that are not on the corporate domain -- such as in-field laptops, cloud-based systems and air-gapped servers -- often miss scheduled password changes.

Those systems that do not receive regular admin password changes are more likely to be at risk from cyber attacks like pass-the-hash. They may also fall out of compliance with regulatory mandates that require frequent password updates.

Also from the survey -- 61% of respondents who have used Microsoft LAPS are unaware of its security flaws. One of the well-known weaknesses of LAPS is that it stores passwords in clear text, making them easy targets for hackers.

"The conclusions from this survey are that in a misguided attempt to save money, many organizations turn to the free Microsoft LAPS tool and inadvertently expose themselves to serious security risks," said Philip Lieberman, President and CEO of Lieberman Software. "The good news is that the survey finds that many IT professionals are aware of the problems with LAPS. These people are wisely seeking a secure, commercial privileged identity management solution."

A Secure, Cross-Platform Alternative to Microsoft LAPS

Lieberman Software develops RED Identity Management -- the first product that can update local passwords on both online and offline servers, desktops and laptops.

Unlike Microsoft LAPS, RED Identity Management works on Windows, UNIX, Linux and Mac systems. It also encrypts stored passwords, has no dependency on Active Directory, and includes an interface for management operations.

To learn more about securing passwords on offline systems, download the white paper Online vs. Offline Account Management: Connected vs. Disconnected Privileged Identity Management.

About Lieberman Software Corporation
Lieberman Software provides cyber defense products which contain cyber attacks that penetrate the network perimeter. The Lieberman RED - Rapid Enterprise Defense™ Suite focuses on different areas of cyber security, systems configuration and privileged identity management to successfully analyze and remediate compromised environments. The suite provides automated countermeasures against sophisticated cyber attacks to reduce losses to acceptable levels, even during constant attack. For more information, visit https://liebsoft.com, or follow us on Twitter @liebsoft or LinkedIn.

Product and company names herein may be trademarks of their registered owners.

Contact Information