09-01-2024, 10:02 PM
Hi,
I've been running an internal password audit against our active directory users. Over the years and password policy revisions naturally the complexity has increased, how is everyone dealing with it? Larger dictionary files, more rules or masks?
I'm still finding password containing 123 however nowhere near as many as I used to, going from 70% recovery rate to less that 5%.
Does anyone have any specifics tips or tricks please.
I've been running an internal password audit against our active directory users. Over the years and password policy revisions naturally the complexity has increased, how is everyone dealing with it? Larger dictionary files, more rules or masks?
I'm still finding password containing 123 however nowhere near as many as I used to, going from 70% recovery rate to less that 5%.
Does anyone have any specifics tips or tricks please.