Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Stealing password? What could be easier?

  1. #11
    Junior Member
    Join Date
    Jul 2004
    Posts
    2
    The problem seems to be that most people use "jim1234" for password but we all must admit that it's inevitable after all. If you force users to use "1337p4SS@$@%" the most possible thing is that they'll write the pass in a piece of paper which is far worse imho. The best thing would be limiting user rights in a paranoid level because password theft is inevitable. Of cource there are no rights to limit in a banking system so the best way would be to check other details too like phone or ID number.

  2. #12
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    Originally posted here by djscribble
    i do wish that rather than just length you could also specify that a password must have 3 of the 4 following elements

    capital letters
    lowercase letters
    numbers
    symbols
    Perhaps I read this wrong, but that is exactly what password complexity accomplishes..

    Password must meet complexity requirements Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy

    Description
    Determines whether passwords must meet complexity requirements.

    If this policy is enabled, passwords must meet the following minimum requirements:

    Not contain all or part of the user's account name
    Be at least six characters in length
    Contain characters from three of the following four categories:
    English uppercase characters (A through Z)
    English lowercase characters (a through z)
    Base 10 digits (0 through 9)
    Nonalphanumeric characters (e.g., !, $, #, %)
    Complexity requirements are enforced when passwords are changed or created.

    To create custom password filters, see the Microsoft Platform Software Development Kit and the Microsoft Technet.

    Default: Disabled.

  3. #13
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    wow, i really must have read my manual wrong that time -- for some reason i thought it only did length... is there another setting somewhere that does password length only??
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
    CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM

  4. #14
    Banned
    Join Date
    Feb 2004
    Posts
    93
    Hey, what's the ratio for AO? Namely passwords of 1234-5-6, qwerty, asfg, etc...

    -Cheers-

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •