What is the goal? What are you already doing to enforce strong passwords? Are you running passfilt?
This is really a question better suited for the WinNT list, by the way. -----Original Message----- From: James Liddil [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 7:48 AM To: Exchange Discussions Subject: Password Policy Enforcement Let's say one uses pwdump and LophtCrack to look at how secure folks passwords are. Using this approach does anyone have any good guidelines as to a time cut off before a password is cracked to set for establishing that a password has a certain level of security. For example If I use Lophtcrack in the non-brute force mode how many minutes (seconds?) is a good limit? Is anyone using this approach to help manage password security policies? Jim Liddil M.S. Lab/IT Manager Phytoceutica Inc. (203)781-2544 [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
