Hello Pavan,
The first problem to tackle in this respect is policy. Your
organization needs
to adopt a password policy wherein passwords of a certain quality and
complexity are mandated by IT policy mechanisms. In a windows
environment
you can set these policies using the security and configuration
analysis snap-in.
This is the best way to ensure that the default pass is changed on
first log-in,
and that passwords are routinely updated. You can also mandate that all
passwords be changed at next log-on to ensure that any such passwords
would be updated.
See http://www.sans.org/resources/policies/Password_Policy.pdf for great
advice with respect to passwords. I understand that this doesn't
'answer'
your question, but in the main, adopting a policy with respect to
password
will obviate the need to ask exactly this type of question.
Good luck with the policies.
Sincerely,
Sean Swayze
On 14-Sep-06, at 9:41 PM, vijay shetti wrote:
hello all!!
In my company when we create a new user he is given an initial
password.But then he is told to change the password.The password is
initial of the employee name followed by 123..
for vijay shetti it willl be vs123...
We have a domain based environment.I want to check now how many users
have not changed their initial password using some tool that gives me
list of usernames whose password has 123 in the end.
We follow the same procedure for creating outlook mail password.If
there is any tool/script that also helps me find out this then it will
greatly help me.
Waiting for your reply,
Pavan.
----------------------------------------------------------------------
-----
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you
unmatched consulting experience. Using interactive e-Learning
technology, you can earn this esteemed degree, without disrupting
your career or home life.
http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------
-----
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
