Password Strength meter
We are running AD Self Service 5.1 Build 5100. I am wondering on the Password Strength meter how some of the calculations are. I went in and set the advanced options of Min 7, Max 25, Special 2, Begin with Letter, use Upper and Lower, use Numbers, Prevent Palindrome, Disallow use of 3 consecutive characters from userID, and prevent pattern qwerty,asdf,1234
I then went to Microsoft's password strength tester (https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx) and came up with several sample passwords. But the passwords that Microsoft lists as strong, AD Self Service lists as weak. Also, I've noticed that if you have more than 3 spaces in a password, AD Self Service goes from strong to weak.
(I also tested the passwords at Intel's years to crack password tester: https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html )
This is my PassWord 4 Belz? (best) (weak) (7.109e+23 years to crack)
Now is the Time 4 all good men. (best) (weak) (8.959e+26 Yrc)
Sunshine2Beach. (best) (good) (5 years)
Locker.pen?22 (medium) (strong) (1847 years)
Venture99Pockets (strong) (weak) (21432504 years)
First () is Microsoft, second () is AD SelfService, and third () is Intel's years to crack.
I want to have a password strength meter to help the users, but it appears the one in AD SelfService isn't working. Is it possible to edit the HTML and replace it?
I then went to Microsoft's password strength tester (https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx) and came up with several sample passwords. But the passwords that Microsoft lists as strong, AD Self Service lists as weak. Also, I've noticed that if you have more than 3 spaces in a password, AD Self Service goes from strong to weak.
(I also tested the passwords at Intel's years to crack password tester: https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html )
This is my PassWord 4 Belz? (best) (weak) (7.109e+23 years to crack)
Now is the Time 4 all good men. (best) (weak) (8.959e+26 Yrc)
Sunshine2Beach. (best) (good) (5 years)
Locker.pen?22 (medium) (strong) (1847 years)
Venture99Pockets (strong) (weak) (21432504 years)
First () is Microsoft, second () is AD SelfService, and third () is Intel's years to crack.
I want to have a password strength meter to help the users, but it appears the one in AD SelfService isn't working. Is it possible to edit the HTML and replace it?
Topic Participants
James Rhodes
Brian Richardson
Germano da Cunha Diogo Saffier
Raghuraman B