Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Password Quality checker

from [Saqib Ali] Network Security [Permanent Link]
Subject: Re: Password Quality checker
Date: Mon, 25 Dec 2006 20:55:01 -0500 
MS has one on their website for public use. It is pretty cool :

http://www.microsoft.com/athome/security/privacy/password_checker.mspx

Your password never gets sent to any server for checking. And if you
use any other web based utility make sure it is not sending any
anything to a server on the internet. Otherwise they might be
collecting your passwords....

I would recommend implementing a in-house as you have have keep on
updating it....

saqib
http://www.full-disk-encryption.net

On 12/23/06, Johnny Wong <johnnywkm@gmail.com> wrote: 
Hello all,

I was wondering if your organization deploys any password quality
checking tool to help users select policy-compliant passwords? Be it
web-based or client based. I am thinking what type of requirements do
you use to select such tools, and what are the examples out there?

My thoughts:
1) It should not store the user's passwords (be it pass or fail)
2) It should be able to handle complexity rules (or align with Windows GPO)
3) It should also work with Unix/Linux passwords

Thanks,
JW




--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Suspicious network activity advice, Justin Lintz
Next by Date:  Server setup file encryption, kreno
Previous by Thread:  Password Quality checker, Johnny Wong
Next by Thread:  Re: Password Quality checker, intel96
Indexes:  [Date] [Thread] [Top] [All Lists]