Disabling users from using dicitonary passwords....enabling complex passwords does not seem to do this

In order to answer this question, we need a little more information...

More specifically...

What operating system?
Are the user accounts managed client-side or server-side?
If it is done server-side, is it done by a local profile with server-side authentication, or is it actually a roaming profile?
What operating system is the server running (if it exists)?
What application on the server are you currently using to manage your accounts (Again, assuming that you use server-side authentication)?

If you could answer these quick few questions, then I can help you with the answer.

Perhaps the best solution that you could do if your profiles are managed server-side is to use a blacklisted passwords list, where you would have a large text document containing any strings that you would not like the end user to be capable of using. (I have only seen this ability in linux-based Windows User Profile management applications such as UMS)

You could also be possible to write a script which would check all passwords on the server before acceptance...

Tyson Edwards

to answer your questions. It is several completely stand alone Windows 2000 systems (not connected in anyway). We are using the local security policy(s) in windows. I wish I could network them and run a server, but can not do to government security requirments. I was looking at EnFIlter at http://security.di.unito.it/software/enfilter.html but need to get some more info on it. Have you used any thing like that before? I really wish I could use your suggestion of the linux based wondows profile thing, but am limited in what I am allowed to do.

Let me know what you thnik. Thanks in advance.