Yeah, I wouldn't buy an application.
When I did PCI compliance, what I did was generate 64 GB rainbow tables and crack passwords every week. If you have certain specific passwords to test against - just test them against your user community. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael I'll be at TEC'2009! http://www.tec2009.com/vegas/index.php From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Tuesday, January 13, 2009 1:07 PM To: NT System Admin Issues Subject: Re: Preventing certain passwords I haven't done any research on this personally, but we have been discussing this same topic here (goes along with PCI compliance), and to the best of my knowledge, that is a 3rd party application. Doesn't come native in AD I don't think. I could be wrong......I've been wrong before ;) On Tue, Jan 13, 2009 at 11:30 AM, Gavin Wilby <gavin.wi...@gmail.com> wrote: Hello all, Is there an easy way at a domain level to stop certain passwords being used to log on. I want to try and prevent certain words and phrases being used (like the one thats the default for a reset for instance). Either my GoogleFoo is rubbish, or im missing something. Gavin. -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~