Educause Security Discussion mailing list archives

Re: Password strength

From: "Mccormick, Kevin" <ke-mccormick () WIU EDU>
Date: Thu, 26 Oct 2017 10:04:41 -0500

There is a a list of compromised passwords a you can download, around 320
million of them.

The passwords are hashed SHA1.

https://haveibeenpwned.com/Passwords

Kevin McCormick
<https://www.youracclaim.com/badges/3aa51624-4156-498d-bf6f-4a61790d54cf/public_url>
Network Administrator
University Technology - Western Illinois University
KE-McCormick () wiu edu | (309) 298-1335 <3092981335> | Morgan Hall 106b
Connect with uTech: Website <http://www.wiu.edu/utech> | Facebook
<https://www.facebook.com/uTechWIU> | Twitter
<https://twitter.com/WIU_uTech>


On Thu, Oct 26, 2017 at 9:48 AM, WALTER KERNER <walter_kerner () fitnyc edu>
wrote:

Hi all.  Is anyone using a tool to check the strength of user passwords,
beyond the basic AD characteristics of number of characters, character
classes, etc.  For example, there are tools that check user passwords
against a long list of bad passwords like password1. 1234567, etc.  Thanks









Walter Kerner

AVP and CISO

[image: blue]

333 7th Avenue, 13th Floor
<https://maps.google.com/?q=333+7th+Avenue,+13th+Floor+New+York,+NY+10001&entry=gmail&source=g>

New York, NY 10001
<https://maps.google.com/?q=333+7th+Avenue,+13th+Floor+New+York,+NY+10001&entry=gmail&source=g>

Voice: 212-217-3415 <(212)%20217-3415>

Current thread:

Password strength WALTER KERNER (Oct 26)
- Re: Password strength Mccormick, Kevin (Oct 26)
  - Re: Password strength Dale Lee (Oct 26)
    - Re: Password strength Valdis Kletnieks (Oct 26)
    - Re: Password strength Taylor Randle (Oct 26)
- <Possible follow-ups>
- Re: Password strength Rich Graves (Oct 26)
- Re: Password strength Joseph Tam (Oct 26)