MSBA - Password Complexity Checking

Subject Author Date
MSBA - Password Complexity Checking daudavevh 07-07-2005
Posted by daudavevh on July 7, 2005, 11:15 am
Can MSBA be used for password complexity checking for local users on a
computer?

Posted by Lanwench [MVP - Exchange] on July 7, 2005, 12:24 pm

> Can MSBA be used for password complexity checking for local users on a
> computer?

I haven't downloaded the latest version and tried it to look for this
specifically, but I'll bet you could. ;-)



Posted by Wong Tuck Wah on July 7, 2005, 1:58 pm
I have downloaded version 2 of MBSA, and sad to say, the methods used for
password checking have not been changed since the previous versions.

A simple test shows that a user created locally and given a password of
"hello" has passed the MBSA weak password check.

MBSA does not use any dictionary or brute force methods for password
checking; it is simply based on enumerating user accounts and checking for the
following conditions:

1. Blank password
2. Password same as the user account name.
3. Password same as the computer name.
4. Password is "password."
5. Password is "admin" or "administrator."

To check for password complexities, you may need to purchase a 3rd party
product like LC5 from @stake, which uses both dictionary and brute force audits
on passwords.

http://www.atstake.com (@stake was recently acquired by Symantec)

HTH.
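
An added example (not part of the original post, and not MBSA's code) that models the five conditions listed above and compares them with a simplified form of the Windows "Password must meet complexity requirements" rules, showing why "hello" passes the first check and fails the second. The account names, the computer name WS01 and the passwords are constructed sample data, and the case-insensitive comparison is an assumption.

```python
# Added illustration: models the checks described in the post; not MBSA's code.

def trivial_candidates(account, computer):
    """The five guesses listed in the post for one local account."""
    return {"", account.lower(), computer.lower(),
            "password", "admin", "administrator"}

def flagged_as_weak(password, account, computer):
    # Assumption: comparison is case-insensitive; the post does not say.
    return password.lower() in trivial_candidates(account, computer)

def complexity_failures(password, account, min_length=6):
    """Simplified Windows complexity policy rules: minimum length,
    3 of 4 character classes, and no account name inside the password."""
    failures = []
    if len(password) < min_length:
        failures.append("too short")
    classes = [
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ]
    if sum(classes) < 3:
        failures.append("fewer than 3 character classes")
    if len(account) > 2 and account.lower() in password.lower():
        failures.append("contains account name")
    return failures

def audit(accounts, computer):
    """Return {account: (flagged_by_trivial_check, complexity_failures)}."""
    return {name: (flagged_as_weak(pw, name, computer),
                   complexity_failures(pw, name))
            for name, pw in accounts}

# Constructed sample data (hypothetical local accounts on host WS01).
SAMPLE = [("alice", "hello"), ("bob", "bob"),
          ("svc_backup", "Password"), ("carol", "Tr1cky-Horse")]

if __name__ == "__main__":
    for name, (weak, fails) in audit(SAMPLE, "WS01").items():
        print(f"{name:12} trivial-check={'FAIL' if weak else 'pass'} "
              f"complexity={'; '.join(fails) or 'ok'}")
```

The code takes the plaintext as input, so it applies where a password is being set or changed; it does not read stored credentials.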



Posted by Steven L Umbach on July 7, 2005, 3:13 pm
Not that I know of. If the computers are in a domain then you can use Group
Policy to enforce password complexity for domain and local users. If not in
a domain you can configure Local Security Policy to do the same, though any
local administrator could undo such. A startup script could also be
configured using secedit and a security template to reapply the security
template at each computer startup to maintain enforcement of password
complexity. You also might look into trying LanGuard to see if it can scan
for what you want. You can download a free, time-limited trial version.
--- Steve

http://www.gfi.com/lannetscan/ --- LanGuard

> Can MSBA be used for password complexity checking for local users on a
> computer?


