Hi
Mike,
You
can require "complex" passwords by setting the Domain Security Policy ->
Account Policies -> Password Policy -> Password must meet complexity
requirements.
Here
is more info:
After
setting password complexity, it only applies when a password is changed (or
initially set when a user is created). It does not impact users that are
currently using non-complex passwords.
Regards,
Robbie
Allen
-----Original Message-----
From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 10:39 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Password LookupHi Robbie,I'm not aware that Windows 2000 password complexity switch prevents the use of dictionary words. That certainly has not been the case here. Please let me know if there is some "special" switch to prevent dictionary words and what dictionary it uses. Thanks!Mike ThommesArgonne National Laboratory-----Original Message-----
From: Robbie Allen [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 9:27 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Password LookupI don't believe MS does, but there are a few scripts/tools on the net that can be used to do it. Have you enabled password complexity, which prevents the use of dictionary passwords? Do you have account lockout enabled? It is much harder (i.e. time consuming) to perform dictionary attacks against AD if account lockout is turned on.Robbie Allen-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 10:15 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Password Lookup
Does anyone know if Microsoft provides provisions for doing dictionary lookups on passwords?
Thanks!
Ryan McDonald
Systems Administrator
The Bankers Bank
