Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
Exchange
2000.active.directory
2000.admin
2000.announcements
2000.app.conversion
2000.applications
2000.clients
2000.clustering
2000.connectivity
2000.development
2000.documentation
2000.general
2000.information.store
2000.interop
2000.kms
2000.misc
2000.protocols
2000.realtime.collabo.
2000.setup
2000.transport
2000.win2000
admin
application.conversion
applications
clients
clustering
connectivity
design
development
misc
mobility
setup
tools
  
 
date: Thu, 24 Apr 2008 21:02:18 -0700 (PDT),    group: microsoft.public.exchange2000.active.directory.integration        back       


Password dictionary lookup    
Hi, Thank you in advance for any information that you can provide.
Our product is integrated with Active Directory, to authenticate our
customers. We would like to use Active Directory's API to check new
passwords against a dictionary (i.e. refuse new passwords that use
normal words). This validation step is intended as an effort to reduce
our vulnerability to dictionary attacks.
1. Is this type of password validation functionality available via AD?
2. If so, are the messages that result from failed validations fairly
descriptive? For example, what would be the response to a password
that contained the word "password." We will not utilize AD if the
responses are too generic.
3. What API calls would be involved?
Many thanks.
Nathan
date: Thu, 24 Apr 2008 21:02:18 -0700 (PDT)   author:   unknown

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us