Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Focus on Microsoft
Password complexity - improvement Aug 15 2007 06:14AM
dubaisans dubai (dubaisans gmail com) (5 replies)
RE: Password complexity - improvement Aug 16 2007 01:44PM
Jim Harrison (Jim isatools org)
Re: Password complexity - improvement Aug 15 2007 06:39PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net) (4 replies)
Re: Password complexity - improvement Aug 24 2007 09:53PM
Chris Barber (cmbarber gmail com)
RE: Password complexity - improvement Aug 16 2007 09:00PM
Adrian Marsden (amarsden jvsdet org)
RE: Password complexity - improvement Aug 16 2007 04:32PM
Thor (Hammer of God) (thor hammerofgod com) (2 replies)
Re: Password complexity - improvement Aug 16 2007 09:09PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
RE: Password complexity - improvement Aug 16 2007 06:50PM
Devin Ganger (DevinG 3sharp com) (1 replies)
RE: Password complexity - improvement (correction) Aug 17 2007 09:29PM
James D. Stallard (james leafgrove com)
RE: Password complexity - improvement Aug 15 2007 10:53PM
Adrian Marsden (amarsden jvsdet org) (1 replies)
How?

26*26*10*(however many special characters you want to allow) > 26*26*10

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] on behalf of Ansgar -59cobalt- Wiechers
Sent: Wed 8/15/2007 2:39 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Cc:
Subject: Re: Password complexity - improvement

On 2007-08-15 dubaisans dubai wrote:
> Is there a way to improve the password complexity requirements in
> Windows 2000/2003 servers
>
> The default will enforce 3 of the following 4 properties - Uppercase,
> smallercase, numbers, special-characters.
>
> Is there a way to enforce all 4 properties.

Enforcing passwords that MUST consist of uppercase letters, lowercase
letters, numbers AND special characters reduces the total number of
possible passwords, which in consequence has a negative impact on your
security.

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

[ reply ]
Re: Password complexity - improvement Aug 16 2007 03:39PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)
RE: Password complexity - improvement Aug 15 2007 06:12PM
Kunz, Jeffrey T. (JKunz foley com)
SV: Password complexity - improvement Aug 15 2007 05:55PM
Per Thorsheim (putilutt online no)
RE: Password complexity - improvement Aug 15 2007 04:25PM
Bean, John (DSHS) (BeanWj dshs wa gov) (1 replies)
RE: Password complexity - improvement Aug 15 2007 08:44PM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)
RE: Password complexity - improvement Aug 16 2007 05:16PM
James D. Stallard (james leafgrove com) (1 replies)
Re: Password complexity - improvement Aug 16 2007 05:49PM
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net)







 

Privacy Statement
Copyright 2009, SecurityFocus