Increasing Password Complexity
Last response: in Windows 2000/NT
Archived from groups: microsoft.public.win2000.security (More info?)
Hi All, are there any products that I can install that will increase the
complexity requirements of the passwords users use. Currently I have the
standard windows complexity enabled but users can type in Password9 which
conforms but still contains a dictionary word. I would like to stop users
using dictionary words and more random letters. Sadistic I know but where's
the fun otherwise.
Thanks,
Liam.
Hi All, are there any products that I can install that will increase the
complexity requirements of the passwords users use. Currently I have the
standard windows complexity enabled but users can type in Password9 which
conforms but still contains a dictionary word. I would like to stop users
using dictionary words and more random letters. Sadistic I know but where's
the fun otherwise.
Thanks,
Liam.
More about : increasing password complexity
Archived from groups: microsoft.public.win2000.security (More info?)
They will still find ways around it as in Passw0rd9!. Train them to use
passphrases and then you can increase the minimum lenght to 15 or more. A
password such as - I forget my stupid password - would be a very strong
password based on it's length and be easy to remember. In high security
situations you should look at using smart cards, possibly at least for
administrators and key personnel. If you make it too hard for users they
will simply write their passwords down and keep them under the keyboard or
such. There are third party tools. If you search Google for custom
passfilt.dll you should find some if that is the way you want to go.
Disabling storeage of lm password hashes will also go a long way to
protecting passwords from brute force attacks. --- Steve
http://support.microsoft.com/default.aspx?scid=KB;EN-US;q299656&
"Liam Waters" <LiamWaters@discussions.microsoft.com> wrote in message
news:7449B94B-B1B8-4C8A-9B33-07C7DA9AB741@microsoft.com...
> Hi All, are there any products that I can install that will increase the
> complexity requirements of the passwords users use. Currently I have the
> standard windows complexity enabled but users can type in Password9 which
> conforms but still contains a dictionary word. I would like to stop users
> using dictionary words and more random letters. Sadistic I know but
> where's
> the fun otherwise.
> Thanks,
> Liam.
They will still find ways around it as in Passw0rd9!. Train them to use
passphrases and then you can increase the minimum lenght to 15 or more. A
password such as - I forget my stupid password - would be a very strong
password based on it's length and be easy to remember. In high security
situations you should look at using smart cards, possibly at least for
administrators and key personnel. If you make it too hard for users they
will simply write their passwords down and keep them under the keyboard or
such. There are third party tools. If you search Google for custom
passfilt.dll you should find some if that is the way you want to go.
Disabling storeage of lm password hashes will also go a long way to
protecting passwords from brute force attacks. --- Steve
http://support.microsoft.com/default.aspx?scid=KB;EN-US;q299656&
"Liam Waters" <LiamWaters@discussions.microsoft.com> wrote in message
news:7449B94B-B1B8-4C8A-9B33-07C7DA9AB741@microsoft.com...
> Hi All, are there any products that I can install that will increase the
> complexity requirements of the passwords users use. Currently I have the
> standard windows complexity enabled but users can type in Password9 which
> conforms but still contains a dictionary word. I would like to stop users
> using dictionary words and more random letters. Sadistic I know but
> where's
> the fun otherwise.
> Thanks,
> Liam.
Quote:
Archived from groups: microsoft.public.win2000.security (More info?)Hi All, are there any products that I can install that will increase the
complexity requirements of the passwords users use. Currently I have the
standard windows complexity enabled but users can type in Password9 which
conforms but still contains a dictionary word. I would like to stop users
using dictionary words and more random letters. Sadistic I know but where's
the fun otherwise.
Thanks,
Liam.
Yes you are absolutely rite.
yet there is a way you can create strong password with random characters
check this link
Also poll on this page
know how to create a good password? And how can you remember more than one of them? Here are some tips and tricks to maintain individual strong passwords for all of your online accounts.
url 1
Create Different Passwords For Each Account
url 2
Know What passwords to avoid
url 3
At last Check the strength of your password
url 4
url 1
Create Different Passwords For Each Account
url 2
Know What passwords to avoid
url 3
At last Check the strength of your password
url 4
Related ressources:
- ForumPassword complexity policy disabled but still rerquired
- Forumpassword complexity
- ForumPassword Complexity Policy
- Forumpage
- ForumSetting Password complexity requirements
- ForumPassword complexity CANT be disabled
- ForumCant disable password complexity
- ForumSetting password complexity
- ForumExisting Password - Complexity Requirement turned on
- ForumHow do I customize Password Complexity ?
- ForumPassword Complexity / User Settings
- ForumTo disable complex password option in win2003 std.
- ForumComplexity ?
- ForumImplementing Minimum Password length
- ForumParallel and com ports not appearing in device manager
- ForumPassword reset in Active directory
- ForumOld admin took password to his grave
- ForumChange password policy
- ForumW2K Pro password files
- Forumpassword expiration
- More resources
!
