Ucankite2 said:
Hi all, I use windows 2000 Servers running AD and have
the Group Policy set for complex passwords, but people
have daft passwords like Password.1. Is there any way to
stop certain password being used.
There may be third party software solutions such as replacement GINA's etc
available.
Alternatively you can get people to reset there password via an internal web
site where you can code for whatever checks you wish.
Another approach is to make it a matter of company policy that you use a
genuinely strong password that is not a dictionary work and a numerical
value. You turn on complex passwords as you have and then you regularly run
a job using a third party tool that brute force cracks the passwords in the
directory. Any passwords that fail to meet the published company polices
lead the person to a disciplinary process (warnings verbal written and
eventually dismissal).
Good security is not just about technology but also about firm company
policy , communication of that policy and enforcement of it by various
means.
--
Regards,
Mike
--
Mike Brannigan [Microsoft]
This posting is provided "AS IS" with no warranties, and confers no
rights
Please note I cannot respond to e-mailed questions, please use these
newsgroups
