Security Basics mailing list archives

Re: user default password checking tool


From: Terry Lowery <tlowery () swiftsystems com>
Date: Wed, 27 Sep 2006 09:12:47 -0400

Machiavel,
That is a good question. I am not sure that it will raise the bad login count. The function is not logging in; it is changing the password.
I will have to check this out.
Terry

---------------------------------------------------------------------------
Terry Lowery - tlowery () SwiftSystems com
Systems Engineer - Swift Systems, Inc.
Your True Technology Partner
www.SwiftSystems.com
Toll Free : 877-Swift-Si
Local : 301-682-5100
Fax : 301-682-5082

    - Hosting and Collocation
    - Broadband Internet Access for Business
    - Network Engineering and Support Services
--------------------------------------------------------------------------



Machiavel wrote:
Terry,

Nice script idea, but one question: if you chose to block the account
after, let's say, 3 unsuccessful attempts, is your script going to count
as one attempt?


Thanks


On 9/25/06, Terry Lowery <tlowery () swiftsystems com> wrote:
I wrote a VB script a while back that set users' password to what I
wanted it to be and set the user must change password flag.
I changed the password to the current default password; that way they
could still log in without my support but they had to change the
password to something else.
The function I used to change the password required the current user
password to be correct.

Here is how it worked:
-Change the password
current password "name123"
new password "name123"
-If this is successful then set the user must change password flag.

-If the change password failed then move on to the next account.

The way this would work in this situation would be to run the change
password function using the password you set up as default for the user
and instead of setting the password must be changed flag just log the
user name to a file.

If you are interested in the script email me and I will see if I can dig
it up.





Alexander Bolante wrote:
> Josh's suggestion is good for you to note when creating "future" AD
> accounts.
>
> For your immediate need, that is, determining whether "current" AD
> users have changed their password from the default 'name123' you have
> a few options. I've used the following in the past and ran these
> scripts on one of the DCs. Of course, you'll need to decide what
> impact/risks are involved with running it, when to run it, etc. but
> they're minimal and shouldn't impact performance too much because
> they're just reads. It obviously depends on your network, # of
> accounts to scan, etc.
>
> Here are the links:
>
> http://www.microsoft.com/technet/scriptcenter/resources/qanda/jul05/hey0705.mspx
>
> http://www.rlmueller.net/PwdLastChanged.htm
>
> Wordsmith the scripts from the sites above and run a few tests to get
> the results you want e.g. you may want to do only 10 reads.
>
> Good luck and let us know how it goes.
>
> Cheers!
> Alexander
>
> On 9/22/06, Josh Parker <josh.g.parker () gmail com> wrote:
>> If you are in a Windows 2003/2000 domain environment, you can simply
>> set up the option on the account to force a user to change their password
>> upon the next login. To keep the user from using the same password,
>> you can set Password History to remember the last password (the last
>> 3 passwords is a good recommendation). You can also set it to require
>> complex passwords when they change their password. You can also set
>> the password age, so they have to change it after a certain amount of
>> days.
>>
>> Hope that helps
>>
>> Josh
>>
>> On 9/14/06, vijay shetti <vijay.shetti () gmail com> wrote:
>> > hello all!!
>> >
>> > In my company when we create a new user he is given an initial
>> > password. But then he is told to change the password. The password is
>> > the initials of the employee name followed by 123.
>> > For vijay shetti it will be vs123...
>> >
>> > We have a domain based environment. I want to check now how many users
>> > have not changed their initial password using some tool that gives me
>> > a list of usernames whose password has 123 in the end.
>> >
>> >
>> > We follow the same procedure for creating the Outlook mail password. If
>> > there is any tool/script that also helps me find out this then it will
>> > greatly help me.
>> >
>> >
>> > Waiting for your reply,
>> > Pavan.
>> >
>> >
>> ---------------------------------------------------------------------------
>>
>> > This list is sponsored by: Norwich University
>> >
>> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
>> > The NSA has designated Norwich University a center of Academic
>> Excellence
>> > in Information Security. Our program offers unparalleled Infosec
>> management
>> > education and the case study affords you unmatched consulting
>> experience.
>> > Using interactive e-Learning technology, you can earn this esteemed
>> degree,
>> > without disrupting your career or home life.
>> >
>> > http://www.msia.norwich.edu/secfocus
>> >
>> ---------------------------------------------------------------------------
>>
>> >
>> >
>>
>>
>
>
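
Added example, not part of the original thread or any poster's script: a read-only version of the `pwdLastSet` check that Alexander's links point to, which flags accounts whose password has not been set since provisioning and makes no authentication or change-password calls, so it cannot touch the bad-login counter Machiavel asks about. The sample export, the account names and the 10-minute grace window are constructed assumptions; `sAMAccountName`, `whenCreated` and `pwdLastSet` are the standard AD attributes.

```python
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# Constructed sample export (account names and values are made up).
SAMPLE_EXPORT = """\
sAMAccountName: jdoe
whenCreated: 20060901083000.0Z
pwdLastSet: 128015730050000000

sAMAccountName: asmith
whenCreated: 20060901083000.0Z
pwdLastSet: 128033010000000000

sAMAccountName: newhire
whenCreated: 20060901083000.0Z
pwdLastSet: 0
"""

def filetime_to_dt(value):
    """pwdLastSet counts 100-ns intervals since 1601-01-01 UTC."""
    return FILETIME_EPOCH + timedelta(microseconds=int(value) // 10)

def parse_records(text):
    """Split a blank-line-separated 'attr: value' export into dicts."""
    for block in text.strip().split("\n\n"):
        yield dict(l.split(": ", 1) for l in block.splitlines() if ": " in l)

def classify(rec, grace=timedelta(minutes=10)):
    """Return 'must-change-pending', 'initial-password' or 'changed'."""
    if rec["pwdLastSet"] == "0":
        return "must-change-pending"   # change-at-next-logon flag is set
    created = datetime.strptime(rec["whenCreated"], "%Y%m%d%H%M%S.0Z")
    created = created.replace(tzinfo=timezone.utc)
    if filetime_to_dt(rec["pwdLastSet"]) - created <= grace:
        return "initial-password"      # not set again since provisioning
    return "changed"

def audit(text):
    """Map each account name to its classification."""
    return {r["sAMAccountName"]: classify(r) for r in parse_records(text)}

if __name__ == "__main__":
    for user, status in audit(SAMPLE_EXPORT).items():
        print(f"{user:10} {status}")
```

An administrator resetting an account back to the default later also updates `pwdLastSet`, so this heuristic only catches passwords untouched since the account was created.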

