Focus on Microsoft
Password complexity - improvement Aug 15 2007 06:14AM
dubaisans dubai (dubaisans gmail com) (5 replies)
RE: Password complexity - improvement Aug 16 2007 01:44PM
Jim Harrison (Jim isatools org)
Re: Password complexity - improvement Aug 15 2007 06:39PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (4 replies)
Re: Password complexity - improvement Aug 24 2007 09:53PM
Chris Barber (cmbarber gmail com)
RE: Password complexity - improvement Aug 16 2007 09:00PM
Adrian Marsden (amarsden jvsdet org)
RE: Password complexity - improvement Aug 16 2007 04:32PM
Thor (Hammer of God) (thor hammerofgod com) (2 replies)
Re: Password complexity - improvement Aug 16 2007 09:09PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
RE: Password complexity - improvement Aug 16 2007 06:50PM
Devin Ganger (DevinG 3sharp com) (1 replies)
RE: Password complexity - improvement (correction) Aug 17 2007 09:29PM
James D. Stallard (james leafgrove com)
RE: Password complexity - improvement Aug 15 2007 10:53PM
Adrian Marsden (amarsden jvsdet org) (1 replies)
Re: Password complexity - improvement Aug 16 2007 03:39PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
RE: Password complexity - improvement Aug 15 2007 06:12PM
Kunz, Jeffrey T. (JKunz foley com)
SV: Password complexity - improvement Aug 15 2007 05:55PM
Per Thorsheim (putilutt online no)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Microsoft has source code available for creating your own version of
passfilt.dll. I will highly recommend doing this if you do not want
to purchase third-party software. Additionally you should implement
the various recommendations given by Microsoft and others concerning
issues like LM/NTLM hash storage, using LM/NTLMNTLMv2 across the
network, the saving of cached logon credentials on servers and
workstations etc.

Regards,
Per Thorsheim
CISA, CISM, CISSP-ISSAP

- -----Opprinnelig melding-----
Fra: listbounce (at) securityfocus (dot) com [email concealed]
[mailto:listbounce (at) securityfocus (dot) com [email concealed]] På vegne av dubaisans dubai
Sendt: 15. august 2007 08:15
Til: focus-ms (at) securityfocus (dot) com [email concealed]
Emne: Password complexity - improvement

Is there a way to improve the password complexity requirements in
Windows 2000/2003 servers

The default will enforce 3 of the following 4 properties - Uppercase,
smallercase, numbers, special-characters.

Is there a way to enforce all 4 properties. I donot want to install
third-party software

I have read about customising passfilt.dll . Is that recommended.
Does MS provide a customised passfilt.dll for download and install.

Are there any support issues if I go for something like this ?

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRsM+A7F5fmPQ0K72EQIyHQCgkSXkESbIfgf5Th3vHQDtfL8VcwQAoMAJ
qRAuos+bDoWV+MQAY0Xsvbsd
=y0Kh
-----END PGP SIGNATURE-----

[ reply ]
RE: Password complexity - improvement Aug 15 2007 04:25PM
Bean, John (DSHS) (BeanWj dshs wa gov) (1 replies)
RE: Password complexity - improvement Aug 15 2007 08:44PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
RE: Password complexity - improvement Aug 16 2007 05:16PM
James D. Stallard (james leafgrove com) (1 replies)
Re: Password complexity - improvement Aug 16 2007 05:49PM
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net)


 

Privacy Statement
Copyright 2010, SecurityFocus