passwords 14362
passwdqc for Windows (Active Directory) - password/passphrase policy enforcement
22 hours ago by whip_lash
Full support for passphrases, extensive testing [1] [2] [3] on real-world passwords, being able to exactly match the policy you use on Unix (if applicable), bundled end-user programs (their use is optional), and simple site-wide licensing and pricing (not per-user, nor per-computer) differentiate this product from the competition.
The product, once installed, registers with the system a password filter DLL, which is where the policy is enforced. Also included are three programs: Configuration, Change Password, and Reset Password - please see the screenshots. The latter two programs may be used to easily duplicate the domain controller's password policy on end-user systems, so that the users are informed of the specific reason why their initial choice of new password did not meet policy and are offered randomly-generated passphrases.
activedirectory
passwords
The product, once installed, registers with the system a password filter DLL, which is where the policy is enforced. Also included are three programs: Configuration, Change Password, and Reset Password - please see the screenshots. The latter two programs may be used to easily duplicate the domain controller's password policy on end-user systems, so that the users are informed of the specific reason why their initial choice of new password did not meet policy and are offered randomly-generated passphrases.
22 hours ago by whip_lash
Twitter
7 days ago by ciphpercoder
Sure. It flies in the face of every piece of research carried out in the last 5 years, but we'll change #passwords…
passwords
from twitter_favs
7 days ago by ciphpercoder
Passwords Part 2 - Passwords off the Wire using LLMNR - SANS Internet Storm Center
9 days ago by bwiese
LLMNR – Link Layer Multicast Name Resolution. What’s that you say? - Name resolution tended to use WINS as much or more than DNS. If you didn’t happen to have WINS or DNS set up, clients would send a local multicast request out on port UDP/5355 for name resolution. And yes, that is still with us today.
While LLNMR is easily fixed with GPO, NetBIOS over tcp/ip is not and you either need individual touches to systems, script something up, or some other management tool like SCCM to change that setting. so you have to disable LLNMR and NetBIOS over tcp/ip to fully solve this problem.
llmnr
cybersecurity
passwords
sans
tools
While LLNMR is easily fixed with GPO, NetBIOS over tcp/ip is not and you either need individual touches to systems, script something up, or some other management tool like SCCM to change that setting. so you have to disable LLNMR and NetBIOS over tcp/ip to fully solve this problem.
9 days ago by bwiese
Dumping Clear-Text Credentials | Penetration Testing Lab
14 days ago by whip_lash
The article contains Windows locations where passwords might exist and techniques to retrieve them.
passwords
windows
security
pentest
postexploitation
14 days ago by whip_lash
related tags
#project-magic 10.13 1password 2018 2018b 2fa accounts activedirectory and android apfs api apple applecommunity appleid applepay apps apr authentication azuread backup banking bestpractices biometrics biz&it bka breach browser bug chrome cisco coding configuration configuring console cool cracking creativecommons crypt crypto cryptography cybersecurity data database default design developers devise dice digital digital_legacy discovery docker done ecs email encryption environment evernote extensions faceid facialrecognition filevault findmyiphone fingerprint firefox forms forums game gem gems generator gmail golang google google_photos gov2.0 guide hack hacking hardware hash hashcat hashes hosting how-to hunt importexport instapaper internet internetofthings ios ios10 iot ipad_pro iphone iphonex itunes journal js key krebs leak leaks legal lh linux list llmnr lukew mac macbook macos macosx manage manager messaging microsoft mongo nist notes_app ohforfuckssake open-source opensource osx outlook passcodes passwd password passwordmanager pdf pentest photos_app podcast police postexploitation privacy privileges productivity pwn pwned questions raspberrypi recovery reference resource responder rip ruby safety salting sans scanning secret securety security securitytheater seguridad service set settings setup software softwarelibre ssm ssn support swiss tech technews technology test tester tidbits tips tmobile tools troy tweet twitter two-factor-authentication twofactor type:tool unix usability usb utilities variable w3c weak weather web webdev webtool whatsapp windows wordlists musicCopy this bookmark: