Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Password Filtering

from [M. Burnett] Network Security [Permanent Link]
Subject: RE: Password Filtering
Date: Fri, 28 Jul 2006 22:56:18 -0600 
I believe what you are referring to is the NSA's EnPasFlt.dll filter. That
enforces passwords of at least 8 characters and 4 character sets. This is
only available to government agencies and the docs say it can handle a
maximum of 500 password changes at once. 

Another tool is Password Policy Enforcer:
http://www.anixis.com/products/ppe/default.htm. This tool has more advanced
features and is a bit friendlier to end users.

Of course, the friendliest--and mathematically equivalent--thing is to just
enforce long passwords and make the use of character sets optional. 



Mark Burnett
--------------------
"Perfect Passwords"






-----Original Message-----
From: Strand, John (Mission Systems) [mailto:John.Strand@ngc.com]
Sent: Friday, July 28, 2006 2:05 PM
To: Mueller, Daniel; focus-ms@securityfocus.com
Subject: RE: Password Filtering

Look at the password filter in the DISA SSR .zip package... It might do
this.

john

-----Original Message-----
From: Mueller, Daniel [mailto:daniel.mueller@nmci-isf.com]
Sent: Friday, July 28, 2006 12:12 PM
To: focus-ms@securityfocus.com
Subject: Password Filtering

Does anyone have data or tools for modifying the PASSFILT.DLL to ensure
passwords use all 4 character sets vice 3?  New requirements at work
require this to be enforced.

Thanks
Dan

-----------------------------------------------------------------------
-
---
-----------------------------------------------------------------------
-
---


-----------------------------------------------------------------------
----
-----------------------------------------------------------------------
----



---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Administrivia] MS Exchange, mfossi
Next by Date:  RE: MS Exchange, Mike Robinson
Previous by Thread:  RE: Password Filtering, Strand, John (Mission Systems)
Next by Thread:  RE: MS Exchange, Mike Robinson
Indexes:  [Date] [Thread] [Top] [All Lists]