babaganoosh
asked on
How can I tell what users haven't changed their password / still have weak passwords?
I set up users in sbs 2003 R2 with no password. I've since enabled a password policy. I don't want to allow access from the web yet for rww and owa, because not every one has logged in and changed their passwords when in the office. Is there a way to see who hasn't met the policy / who still has a blank password? I'll manually change it to something that meets the policy and let them know what it is... or keep them from accessing the network via the web till they have a more secure password?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Chances of a hacker being interested are minimal. But better safe than sorry. Set the same password for all blank passwords and get them to change it ASAP.
If a hacker would change your password he wouldn't be much of a hacker? All you'd have to do as an admin is change the password again. Surely there ae smarter ways.
Olaf
If a hacker would change your password he wouldn't be much of a hacker? All you'd have to do as an admin is change the password again. Surely there ae smarter ways.
Olaf
ASKER
you're missing what I am saying... he wants to gain access. so a blank password is one of the first he'll try. so if it wants him to change the password, no big deal for him. thenhe has access. sure, I can change the password later. but the hacker got in allready. I want to identify the accounts with weak passwords now, before the hackers find it / them.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I need to identify who still has the blank passwords. I don't want to change everyone. It's looking like I log in as eahch user trying a bklank. if it works, I need to change it? There has to be an easier way!?
You are effectively trying to see other peoples passwords. You'll need to use a third party password program to do this.
You can also tick the box: user has to change password at next logon and set your password policy.
At least you know the passwords won't stay blank for long.
Olaf
You can also tick the box: user has to change password at next logon and set your password policy.
At least you know the passwords won't stay blank for long.
Olaf
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I thought MBSA would do it, but on the sbs box, it says that it doesn't tellyou about the passwords on a domain controller!
ASKER