Security Basics mailing list archives
Re: Password Quality checker
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Mon, 25 Dec 2006 20:55:01 -0500
MS has one on their website for public use. It is pretty cool : http://www.microsoft.com/athome/security/privacy/password_checker.mspx Your password never gets sent to any server for checking. And if you use any other web based utility make sure it is not sending any anything to a server on the internet. Otherwise they might be collecting your passwords.... I would recommend implementing a in-house as you have have keep on updating it.... saqib http://www.full-disk-encryption.net On 12/23/06, Johnny Wong <johnnywkm () gmail com> wrote:
Hello all, I was wondering if your organization deploys any password quality checking tool to help users select policy-compliant passwords? Be it web-based or client based. I am thinking what type of requirements do you use to select such tools, and what are the examples out there? My thoughts: 1) It should not store the user's passwords (be it pass or fail) 2) It should be able to handle complexity rules (or align with Windows GPO) 3) It should also work with Unix/Linux passwords Thanks, JW
-- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net
Current thread:
- Password Quality checker Johnny Wong (Dec 25)
- Re: Password Quality checker Saqib Ali (Dec 27)
- Re: Password Quality checker intel96 (Dec 29)
- Message not available
- Re: Password Quality checker Johnny Wong (Dec 27)
- Re: Password Quality checker Steven (Dec 29)
- Re: Password Quality checker Arun Bhaskar (Dec 29)
- Re: Password Quality checker Johnny Wong (Dec 27)
- Re: Password Quality checker Saqib Ali (Dec 27)
- <Possible follow-ups>
- RE: Password Quality checker Hayes, Bill (Dec 29)