Quick Silver Systems is taking security seriously and password creation has always been a weak spot for most systems. The problem is: How to make a system enforce a password thats hard to hack when humans want passwords that are easy to remember? That is not easy! When the National Institute of Standards and Technology (NIST) recommended that all web accessible systems should secure against hacking attacks we implemented an API to ensure that every password used in the system is not easy to guess and then we took the NIST recommendation a step further and implemented an API that checks against millions of passwords that have been successfully hacked in the past!
You see, people tend to reuse their passwords and hackers have figured this out! So if your password -or- someone else happened to be using the same password has had their information exposed in any one of the hundreds of recent high profile hacks like (Marriott, JP Morgan Chase, eBay, Equifax, and many, many, more) hackers found that they could use these exposed passwords in future attacks to successfully hack other systems!
The Mercury Password API checks every password as it is being setup against millions of hacked passwords to automatically improve your password policy. In addition, administrators can require as a part of user and group configuration 2-Factor Authentication (2FA) which can be used to further secure logins for administrative users or users with access to sensitive information by moving part of the authentication process onto a personal device that is physically in the users possession.
"We have not only built a better system but we are constantly improving that system using the experience from years of insurance software development as well as the recommendations of TOP security experts in the field. I was surprised that the first time I tested the new API with a password that I have used for years which consisted of random characters as well as both upper and lower case letters, numbers, and two special characters that this (seemingly pretty secure) password had been exposed no less than 48 times in prior successful hacking attempts of other systems! Needless to say - because of the Mercury Systems Password API; I changed my password in several systems including my bank immediately..."