Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

weird password policy!

Status
Not open for further replies.
Score1000

Score1000

Technical User
Joined
May 20, 2003
Messages
45
Location
IR
please some one makes me clear on this issue:

my company's previous admin has set a password policy that cause users's password to follow this form: xxxxxx-dddd which xxxxxx is a constant and specific word plus -, and dddd is a set of variable digits, nothing else is impossible! I never and ever came across such a policy, how does it works? now everybody in the network knows the other's password because they differ just in 4 digits.
thanks
 
Sort by date Sort by votes
About the only way that I can imagine that this was done was with a custom passfilt.dll (Password Filter). It IS possible with a custom passfilt to effectively hardcode parts of a password.

By removing the current passfilt and replacing it with a standard one, it should resolve the issue that you're seeing.

Look here for more info:

HTH!



Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone -
 
Upvote 0 Downvote
Thanks Rick, but I still don't know how/where to find this policy and how to remove/change it! the DC in my domain is a 2k and the previous admin was not professional, I am amazed how could she do it! please give me more info, should I look in the registry? or else? I didn't understand the codes written in that article.
thanks alot
 
Upvote 0 Downvote
Well, don't subestimate girls :)
All that she has to do was just to have that filter password and then to set "pasword meets complexity requirement".
Maybe there are tools that automatically will do this.

You have two choices:
1. go back to default filter, and use complexity requirements
2. not use complexity requirement for password

Go back to default filter= replace the PASSFILT.DLL file with a one from a Service Pack installation (or another PC).
Complexity requirement:
you can find it in :
Active directory Users and Computers mmc / domain / properties / group policy / default gpo / edit /computer configuration / windows settings /security settings/ account settings / then you will find a key: password must meet security requirements. Setting it to disable the custom password policy filter will be skipped.
For just replacing the file, i think is good to replace the file and then to check/uncheck again the above setting in the security policy.


Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
I couldn't find any passfilt.dll file! even on my 2k desktop machin in home. also the "password must meet complexity requirements" is already "not defined" in the policy. what should I do? :(
 
Upvote 0 Downvote
I know of a program, Password Policy Enforcer 3.5,
maybe it will help you to setup your password policies once you solve the problem you're having right now.



Breakerfall
®º°¨¨°º can you ping me now...GOOD! º°¨¨°º®
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Mohamed-IT
  • Locked
  • Question Question
Windows server 2019 password locked
Replies
1
Views
409
strongm
strongm
penguinroundup
  • Locked
  • Question Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
444
penguinroundup
penguinroundup
TECHMAN007
  • Locked
  • Question Question
RD Web Password Change
Replies
0
Views
304
TECHMAN007
TECHMAN007
rrmcguire
  • Locked
  • Question Question
group policy to set dns
Replies
2
Views
597
rrmcguire
rrmcguire
RdFromK
  • Locked
  • Question Question
GroupPolicy error 1065 with Windows SBS CSE Policy
Replies
2
Views
577
RdFromK
RdFromK

Part and Inventory Search

Sponsor

Back
Top