Solved

Disabling users from using dictionary passwords....enabling complex passwords does not seem to do this

Posted on 2004-08-03
Last Modified: 2012-05-05
I have a security requirement at work where users are supposed to have complex passwords containing a minimum of 8 characters, upper and lower case, numbers and/or special characters and CAN NOT be a dictionary word. This is for a stand-alone system and I have enabled Complex Passwords in the local group policy, but that does not seem to do the dictionary check? Any suggestions would be appreciated.
Question by:andy86
3 Comments
 

Expert Comment

by:theravibes
ID: 11712410
In order to answer this question, we need a little more information...

More specifically...

What operating system?
Are the user accounts managed client-side or server-side?
If it is done server-side, is it done by a local profile with server-side authentication, or is it actually a roaming profile?
What operating system is the server running (if it exists)?
What application on the server are you currently using to manage your accounts (Again, assuming that you use server-side authentication)?

If you could answer these quick few questions, then I can help you with the answer.

Perhaps the best solution that you could do if your profiles are managed server-side is to use a blacklisted passwords list, where you would have a large text document containing any strings that you would not like the end user to be capable of using. (I have only seen this ability in Linux-based Windows User Profile management applications such as UMS)

It could also be possible to write a script which would check all passwords on the server before acceptance...

Tyson Edwards
0
 

Author Comment

by:andy86
ID: 11721330
To answer your questions: it is several completely stand-alone Windows 2000 systems (not connected in any way). We are using the local security policy(s) in Windows. I wish I could network them and run a server, but cannot due to government security requirements. I was looking at EnFilter at http://security.di.unito.it/software/enfilter.html but need to get some more info on it. Have you used anything like that before? I really wish I could use your suggestion of the Linux-based Windows profile thing, but am limited in what I am allowed to do.

Let me know what you think. Thanks in advance.
0
 
LVL 1

Accepted Solution

by:
CBF-IT earned 50 total points
ID: 11723108
If you are using a win server, I think you will have to find or create a custom password filter. The article at http://www-nt.stanford.edu/docs/leland.html may be of some interest to you in this regard. Dictionary word files are pretty easy to download anywhere on the internet, so you could use that to get started with your word filter discussed in that article.
0
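The check a custom password filter would have to perform, as an added example that is not from this thread or the linked articles: it shows why the complexity rule alone accepts dictionary-based passwords, and goes slightly beyond exact-word matching by trimming surrounding digits and symbols and undoing common character substitutions. All function names, the word list and the substitution map are assumptions made for the illustration; on Windows this logic would be called from the filter DLL's exported `PasswordFilter` function, which is omitted here.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample list, lower case and sorted for bsearch(); a real filter would load a full dictionary file. */
static const char *const WORDS[] = {"dragon", "letmein", "monkey", "password", "sunshine", "welcome"};
#define NWORDS (sizeof WORDS / sizeof WORDS[0])

static int cmp_word(const void *key, const void *elem) {
    return strcmp((const char *)key, *(const char *const *)elem);
}

/* Undo common character substitutions (assumed mapping) and fold case. */
static char unleet(unsigned char c) {
    switch (c) {
    case '0': return 'o';
    case '1': return 'l';
    case '3': return 'e';
    case '@': return 'a';
    case '$': case '5': return 's';
    default: return (char)tolower(c);
    }
}

/* Complexity rule from the question: >= 8 chars, upper and lower case, plus a digit or special character. */
bool is_complex(const char *pw) {
    bool up = false, lo = false, other = false;
    size_t len = strlen(pw);
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)pw[i];
        if (isupper(c)) up = true; else if (islower(c)) lo = true; else other = true;
    }
    return len >= 8 && up && lo && other;
}

/* Trim leading/trailing non-letters, normalise what is left, then look it up in the word list. */
bool is_dictionary_based(const char *pw) {
    char core[128];
    size_t start = 0, end = strlen(pw), n = 0;
    while (start < end && !isalpha((unsigned char)pw[start])) start++;
    while (end > start && !isalpha((unsigned char)pw[end - 1])) end--;
    for (size_t i = start; i < end && n + 1 < sizeof core; i++) core[n++] = unleet((unsigned char)pw[i]);
    core[n] = '\0';
    return n > 0 && bsearch(core, WORDS, NWORDS, sizeof WORDS[0], cmp_word) != NULL;
}

/* Hypothetical entry point a password filter would call before accepting a new password. */
bool password_acceptable(const char *pw) { return is_complex(pw) && !is_dictionary_based(pw); }
```
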


Question has a verified solution.
