Focus on Microsoft
Re: Prevent users to use specifics words in Passwords Sep 30 2010 09:11PM
Per Thorsheim (putilutt online no)
On Thu, 2010-09-30 at 22:28 +0200, Per Thorsheim wrote:
> On Thu, 2010-09-30 at 13:17 -0400, Alberto Medina wrote:
> > Hi all,
> > I'd like to know how to prevent users from use specifics words in their password in Windows Server 2003. In the company users are required to change their password every 45 days, but some users use some words related to the company or the business, there's a way to prevent this in Windows Server 2003? Some kind of dictionary for words that can't be use?
> >
> > Thank you and best regards,
> > Alberto Medina
> >
> >
> >
>
Best solution; create your own version of the passfilt.dll filter,
source code available at the Microsoft website. That way you can create
any type of rules you want basically.

There are also third-party solutions of course, but nothing native
within the OS that will satisfy any password auditor. :-)

--
--
Best regards,
Per Thorsheim
CISA, CISM, CISSP-ISSAP
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEABECAAYFAkyk/PEACgkQsXl+Y9DQrvbIpQCdGFdP1fi+N3kF8GAlxWejVyiA
ljgAoOj7ZjIg/Utt6i0Ib5uNTtvMxhbm
=tTKb
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus