OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: moran (MoranTIEMIDDLEEAST.COM)
Date: Tue Apr 17 2001 - 03:54:41 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    If you need Complex Passwords
    You should try use Passprop.exe
    it works fine without the need to play with the registry.

    Moran.

    -----Original Message-----
    From: Focus on Microsoft Mailing List [mailto:FOCUS-MSSECURITYFOCUS.COM]On
    Behalf Of Mark Klink
    Sent: Monday, April 16, 2001 11:52 PM
    To: FOCUS-MSSECURITYFOCUS.COM
    Subject: Re: Simple Passwords...

    Could someone please explain what is meant by

    "If the value FPNWCLNT already exists, then edit the value and add
    PASSFILT under FPNWCLNT"

    The current binary value of "Notification Packages" is "FPNWCLNT" followed
    by two null bytes.

    Thanks,
    Mark.

    -----Original Message-----
    From: Focus on Microsoft Mailing List
    [mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Gustavo Basualdo
    Sent: Thursday, April 12, 2001 6:18 PM
    To: FOCUS-MSSECURITYFOCUS.COM
    Subject: Re: Simple Passwords...

    -Extracted from MS Technet, kewords: "enforce strong passwords in Windows
    NT"
    The passfilt.dll, located in \winnt\system32\ ,lets you enforce very strong
    passwords that are at least 6 characters long, with three out of four of the
    following: upper case, lower case, numbers, or symbols. Additionally, you
    won't be able to use your user name or any part of your full name. The
    drawback to this DLL is that you can't modify the requirements unless you
    write your own DLL.Here's how to implement the password filter on each
    domain controller.

    a.. [Start]-Run-Type REGEDT32-[Enter].
    a.. Create (or edit) the following Key:
    HKLM\SYSTEM\CurrentControlSet\Control\Lsa
    a.. Add a REG_MULTI_SZ value called "Notification Packages" with a value of
    PASSFILT (If the value FPNWCLNT already exists, then edit the value and add
    PASSFILT under FPNWCLNT).
    a.. Click OK then exit the Registry Editor [Alt+F4].
    a.. Restart the server.

    Good luck
    Gustavo.
    ----- Original Message -----
    From: "moran" <MoranTIEMIDDLEEAST.COM>
    To: <FOCUS-MSSECURITYFOCUS.COM>
    Sent: Thursday, April 12, 2001 6:31 AM
    Subject: Simple Passwords...

    > Hi,
    > We have here NT 4 domain with windows 2000 pro users..
    > I have problem here that if I set the minimum length of passwords to be 6
    > users using passwords like: 111111 or */*/*/*/*/
    >
    > is there a way on NT4 domain to force users put complicated passwords
    (like
    > in 2000)
    >
    > Moran.
    >