Link to home
Start Free TrialLog in
Avatar of churchlandsshs
churchlandsshsFlag for Australia

asked on

HTA Check Complex Password

I need a subroutine to include in a HTA that checks that a password is complex according to Microsoft Active Directory ie:
*at least 6 characters long
*does not contain 3 or more characters from the user accounts name
and contains 3 of the 5 following criteria:
*Uppercase letters (A-Z)
*Lowercase letters (a-z)
*Numbers (0-9)
*Non-alphanumeric (eg !, @, #, $, % etc)
*Unicode characters

Any help much appreciated :-)
Avatar of chandru_sol
chandru_sol
Flag of India image
Try this script



Chandru
'==============================================================================
'
' VBScript Source File -- Created with SAPIEN Technologies PrimalScript 2007
'
' NAME: 
'
' AUTHORS: Mark F. Mahoney, NGIT and James P. Wrench, NGIT
' DATE  : 10/26/2007
'
' COMMENT: This component generates complex passwords with controlled
'   content requirements of a minimum of 2 upper case letters, 2 lower Case
'   letters, 2 numbers and 2 special characters. It uses ASCII conversions
'   because there is no need to build an array of all the characters needed,
'   they already exist in the ASCII Table retrieved from;
'       http://ascii-table.com ....
'
' The problem to solve is how to guarantee that a minimum of those characters
'   exist within the PW. So we controll it by randomizing the each ASCI table
'   range for Each catagory and build the PW. The following is the ASCII
'   table's decimal range;
'	 Upper Case   65-90
'	 Lower Case   97-122
'	 Special Char 33-47, 58-64, (91-96, 123-126 are not used)
'    Numbers 	 48-57
'  Once done, the wscript built in conversion of "Chr()" is used to do the
'  decimal to character convertion for the final PW.
'==============================================================================
Option Explicit
'==============================================================================
' Declaring all the variables....
'==============================================================================
Dim PWLen
Dim PWLen1
Dim PWLen2
Dim PWLen3
Dim PWLen4
Dim PWLen5
Dim NewPW
Dim TempPW
Dim FinalPW
Dim AddChr
Dim UCaseChrMin
Dim UCaseChrMax
Dim LCaseChrMin
Dim LCaseChrMax
Dim SpecialChrMin
Dim SpecialChrMax
Dim SpecialChr2Min
Dim SpecialChr2Max
Dim NumberMin
Dim NumberMax
Dim a()
Dim i
Dim PW
Dim Value, ValueString
 
'==============================================================================
' Initializing variable values...
'  The min-max are the ranges from which to randomize...
'==============================================================================
UCaseChrMin 	= 65
UCaseChrMax		= 90
LCaseChrMin		= 97
LCaseChrMax		= 122
SpecialChrMin	= 33
SpecialChrMax	= 47
SpecialChr2Min	= 58
SpecialChr2Max	= 64
NumberMin		= 48
NumberMax		= 57
 
PWLen			= 0
PWLen1			= 0
PWLen2			= 0
PWLen3			= 0
PWLen4			= 0
NewPW			= ""
FinalPW			= ""
 
'==============================================================================
' The following five (5) loops control the minimum content type of the PW...
' The problem that this introduces is a PW pattern from building it one Loop
'   after another...
'
' To fix the PW pattern problem the content is scrambled. This is done by
'  creating an array to store each character and rebuilding the PW...
'
' To view the progress of the PW generation unremark the Echo statements...
'
' The syntax for the Rnd() is a standard form that states that the intergers
' upper case max and upper case min is the range and increment starting 
' from the upper case min...
' 
'==============================================================================
Randomize
 
Do While PWLen < 3
 
	AddChr = Int((UCaseChrMax - UCaseChrMin + 1) * Rnd() + UCaseChrMin)
	NewPW = NewPW & Chr(AddChr)
	PWLen = PWLen + 1
 
	WScript.Echo AddChr
	WScript.Echo NewPW
		
Loop
 
Do While PWLen1 < 3
 
	AddChr = Int((LCaseChrMax - LCaseChrMin + 1) * Rnd() + LCaseChrMin)
	NewPW = NewPW & Chr(AddChr)
	PWLen1 = PWLen1 + 1
 
	WScript.Echo AddChr
	WScript.Echo NewPW
		
Loop
 
Do While PWLen2 < 4
 
	AddChr = Int((SpecialChrMax - SpecialChrMin + 1) * Rnd() + SpecialChrMin)
	NewPW = NewPW & Chr(AddChr)
	PWLen2 = PWLen2 + 1
 
	WScript.Echo AddChr
	WScript.Echo NewPW
		
Loop
 
Do While PWLen3 < 4
 
	AddChr = Int((NumberMax - NumberMin + 1) * Rnd() + NumberMin)
	NewPW = NewPW & Chr(AddChr)
	PWLen3 = PWLen3 + 1
 
	WScript.Echo AddChr
	WScript.Echo NewPW
		
Loop
 
Do While PWLen4 < 2
 
	AddChr = Int((SpecialChr2Max - SpecialChr2Min + 1) * Rnd() + SpecialChr2Min)
	NewPW = NewPW & Chr(AddChr)
	PWLen4 = PWLen4 + 1
 
	WScript.Echo AddChr
	WScript.Echo NewPW
		
Loop
 
'==============================================================================
'  The following takes the password and removes the pattern...
'    1. Initialize a variable with the value of the newly created PW...
'    2. Initialize a variable with its length...
'	 3. Read each character into the array a()...
'	 4. Do loop till all origional characters are selected randomly...
'	A seperator ":" was needed before and after each character to allow
'     for numbers above 9...
'	 
'==============================================================================
TempPW = NewPW
 
PWLen5 = Len(TempPW)
ReDim a(PWLen5 - 1)
 
For i = 0 To PWLen5 - 1
    a(i) = Left(TempPW,1)
    TempPW = Right(TempPW,Len(TempPW) - 1)
Next
 
		' Generate the new password by randomizing the 1st generation
		'  randomixed characters till 16 have been reached...
Do While len(FinalPW) < 16
 
	Value = Int((15 - 0 + 1) * Rnd + 0)
	
		' Has the character position been used, if so continue the selection...
		
	If InStr(ValueString, ":" & Value & ":") > 0 Then
			' Do nothing...
		'Wscript.Echo "String " & ValueString
		
	Else 	
 
		PW = a(Value)
		FinalPW = FinalPW + PW
 
			' Put the numeric value (position) in a string so that character does not get used a second time...
			' The ":" in front and in back of the value accomodate numbers > 9, IE 16...
		ValueString = ValueString & ":" & Value & ":"
 
	End If
 
Loop	
			' The variable "FinalPW" is now the PW and can be used as you see fit...
			' This will be used as a component in a larger script that will change all 
			' local administrator PWs every 59 days...
WScript.Echo(vbLf & "We start with the patterned PW of:              " &  NewPW)
WScript.Echo("    Notice the pattern of 3up,3low,4sp," & vbLf &_
"    4num,2sp characters that need to" & vbLf &_ 
"    be randomized...")
WScript.Echo("When we randomized w/o repeats the PW becomes:  " & FinalPW & vbLF)

Open in new window

Avatar of churchlandsshs
churchlandsshs
Flag of Australia image

ASKER

Thanks for your response Chandru, but I need a script which checks the complexity of a password entered by the user, rather than generating a complex password.
Avatar of chandru_sol
chandru_sol
Flag of India image
Rather than checking the password enterted can't this be automated using the script so that there is no necessary to check complexity of the password


Chandru
Avatar of churchlandsshs
churchlandsshs
Flag of Australia image

ASKER

I'd prefer that the initial password created for these users isn't totally random, as they are fairly young kids. But that is an option if i get no other responses.
ASKER CERTIFIED SOLUTION
Avatar of rejoinder
rejoinder
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial