Re: Password policy enforcement tools was RE: ADSI question
From: Jose Maria Lopez (jkerouac_at_bgsec.com)
Date: 08/29/04
- Previous message: Laura A. Robinson: "RE: ADSI question"
- In reply to: Eric Peeters: "Password policy enforcement tools was RE: ADSI question"
- Next in thread: Laura A. Robinson: "RE: ADSI question"
To: focus-ms@securityfocus.com
Date: 29 Aug 2004 18:58:27 +0200
On Fri, 27 Aug 2004 at 23:26, Eric Peeters wrote:
> Hijacking on this thread (with my apologies), I was wondering whether many admins use
> third-party password policy enforcement tools and whether it has led to less password
> cracking.
>
> I use one such tool to reach what I think is a reasonable middle ground between the basic
> Windows 2000 password settings and complex password requirements, and I find that I need
> to crack my users' passwords less often. Since they now have no choice but to comply with
> my password policy, password cracking has gone from being an enforcement tool to being a
> way of checking that my policy is neither too loose nor too restrictive and fine-tuning
> said policy accordingly.
>
> Am I being too confident in a tool in performing less password crackings, or am I not
> alone out there ?
>
> Eric Peeters
> R. Ibarra's Inc.
>
It's a good thing to have, but keep in mind that if people get passwords
that are too hard to remember, they usually end up writing them down on
paper, Post-its, Palms and that kind of thing. The better thing to do is to
impose a method for making good passwords, like choosing a phrase and
taking the first letter of each word, substituting 'l' for '1' or
'o' for '0' and similar things.
Anyway, it's always good practice to try to break the passwords of
your users at least once a month, even if you have any of this kind
of system.
--
Jose Maria Lopez Hernandez
Technical Director, bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
SPAIN

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"