Enforcing Significant Password Change

[AdmanOK]

I have many users who only change the last character or two of their password... for example in January their password might be Password01 and in February they would change it to Password02. Has anyone come across a password filter that would enforce a change of at least a certain number of characters? I would like to try and prevent something like this!

 

[SgtBeavis]

I honestly can't think of one. I actually do the same thing because my company forces password changes ever 30 days. It is a stupid policy which only leads to the actions you are describing. IMO, a better policy would be to enable password complexity and then scan your network for simple passwords. You can use a couple of utilities for this Cain and Able, and LanGuard come to mind.

I personally hate forced password changes that are less than 6 months. I've got 4 passwords that I perfer and I have tested them up against LC4. Even after 2 weeks of brute force cracking, it couldn't beat it.

Microsoft Certified Nut.