|
Posted by DaveMo on November 8, 2007, 10:18 am
Please log in for more thread options On Nov 7, 2:04 pm, intelt...@gmail.com wrote:
> Thanks Svyatoslav
>
> What we are looking at is using PEAP-MS-CHAP V2 for wireless
> authenication, and although we have a password policy in place (using
> standard windows AD features) it still allows as user to have a non
> secure password, such as P@ssw0rd.
>
> Therefore we were going to us Computer only authentication for the
> wireless network - however that makes the wireless network security as
> is as good as the Computer password - hence the question, trying to
> find how complex the Computer Passwords are etc.
>
> So in summary, we want the password to be very complex!
>
> Cheers
> David
>
>
>
>
> > Since the password is not entered interactively it can be generated
> > randomly. Complexity is not an issue, therefore it's the full length (I
> > think 127 Unicode characters) password.
>
> > I'm just making an educated guess: this is what Windows does for smart card
> > only users.
>
> > --
> > Svyatoslav Pidgorny, MS MVP - Security, MCSE
> > -= F1 is the key =-
>
> > *http://sl.mvps.org*http://msmvps.com/blogs/sp*
>
>
>
> > > Hello
>
> > > Does anyone have any information on the Active Directory Computer
> > > Account Password. I am looking for something that outlines the
> > > complexity of this password (ie length, characters used etc)\
>
> > > If it makes any difference, the clients are primarily Windows XP SP2,
> > > and AD is Windows 2003 Native Mode.
>
> > > Cheers
> > > David- Hide quoted text -
>
> > - Show quoted text -- Hide quoted text -
>
> - Show quoted text -
Hi David,
Don't quote me on this, but I seem to recall that the process starts
with a call to CryptGenRandom and the result is hashed to the maximum
password length of 128 chars as the previous responder said. So yes,
the password is very strong and your approach should be very secure.
Thanks,
Dave
| 
XML Sitemap