|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Password policy enforcement tools was RE: ADSI question
From: Jose Maria Lopez (jkerouac
bgsec.com)
Date: Sun Aug 29 2004 - 11:58:27 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
El vie, 27 de 08 de 2004 a las 23:26, Eric Peeters escribió:
> Hijacking on this thread (with my apologies), I was wondering whether many admins use
> third-party password policy enforcement tools and whether it has led to less password
> cracking.
>
> I use one such tool to reach what I think is a reasonable middle ground between the basic
> Windows 2000 password settings and complex password requirements, and I find that I need
> to crack my users' passwords less often. Since they now have no choice but to comply with
> my password policy, password cracking has gone from being an enforcement tool to being a
> way of checking that my policy is neither too loose nor too restrictive and fine-tuning
> said policy accordingly.
>
> Am I being too confident in a tool in performing less password crackings, or am I not
> alone out there ?
>
> Eric Peeters
> R. Ibarra's Inc.
>
It's a good thing to have, but have in mind that if people gets too hard
to remember password they usually end writing them down in papers,
post-its, palms and that kind of things. The better thing to do it's to
impose a method to make good passwords, like choosing a phrase and
taking the first letter of each word, substituting 'l' for '1' or
'o' for '0' and similar things.
Anyway it's always a good practice to try to break the passwords of
your users at least once a month even if you have any of this kind
of systems.
--
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouacbgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA
The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
-- Jack Kerouac, "On the Road"
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]