Restricted password lists in Windows 2003 Server

Curiosityx

Curiosityx

Curiosityx

Soldato
Joined
17 Oct 2002
Posts
3,941
Location
West Midlands
Greetings, does anyone know of a method where by a policy can be set that prevents users from using weak or common passwords, im well aware that you can set the complexity requirements as well as the length but this doesn't disallow users from using such combinations as "Password01" "Password02" etc which does match complexity requirements.

Regards
 
I could be wrong - but I was 99% sure that under the "Must use complex password" policy there was a way of listing workds that were not allowed.
So for example you could add the word "password" or "letmein" or "root2root" and if those words appeared in the password it would be disallowed.

I'll try and find where that option is.
 
stoofa said:
I could be wrong - but I was 99% sure that under the "Must use complex password" policy there was a way of listing workds that were not allowed.
So for example you could add the word "password" or "letmein" or "root2root" and if those words appeared in the password it would be disallowed.

I'll try and find where that option is.
Click to expand...

Would be much appreciated.

Regards
 
complexity requires letters, numbers, capitalisation and a non alphanumeric char (£$%!"^&*) etc so Password, Password01 etc would not work
Pa$$w0rd would.
 
VeNT said:
complexity requires letters, numbers, capitalisation and a non alphanumeric char (£$%!"^&*) etc so Password, Password01 etc would not work
Pa$$w0rd would.
Click to expand...

Sorry but "Password01" and associated variations do work this has been tried and tested over many server builds and with complexity requirements turned on.
 
You must log in or register to reply here.
Back
Top Bottom