Click here to get back home

GINA Password Display
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
GINA Password Display Dave Shawley 08-29-2007
Posted by Dave Shawley on August 29, 2007, 10:26 am
Please log in for more thread options
 Hi all,

I'm pretty sure that there isn't a simple configuration option to do
this, but I figured that I would ask anyway. We have a request from a
client to modify the login process to our Windows 2003 servers so that
the length of the password is not displayed during the logon process.
I'd imagine that this would be a GINA configuration option but I
haven't found a setting that controls password display. Is there any
way to accomplish this without a rewrite of the GINA?

Thanks in advance,
Dave
--


Posted by Meinolf Weber on August 29, 2007, 5:15 pm
Please log in for more thread options
 Hello Dave,

In Windows theire is no option to configure this. You will allways see the
length of the password.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.

> Hi all,
>
> I'm pretty sure that there isn't a simple configuration option to do
> this, but I figured that I would ask anyway. We have a request from a
> client to modify the login process to our Windows 2003 servers so that
> the length of the password is not displayed during the logon process.
> I'd imagine that this would be a GINA configuration option but I
> haven't found a setting that controls password display. Is there any
> way to accomplish this without a rewrite of the GINA?
>
> Thanks in advance,
> Dave
> --



Posted by S. Pidgorny on August 30, 2007, 4:43 am
Please log in for more thread options
I'm thinking about changing the default font, the one that the ***s are
displayed in, with zero-width invisible character replacing the "*". No GINA
change, no lenght display.

What a pointless exercise!

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

> Hello Dave,
>
> In Windows theire is no option to configure this. You will allways see the
> length of the password.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
>
>> Hi all,
>>
>> I'm pretty sure that there isn't a simple configuration option to do
>> this, but I figured that I would ask anyway. We have a request from a
>> client to modify the login process to our Windows 2003 servers so that
>> the length of the password is not displayed during the logon process.
>> I'd imagine that this would be a GINA configuration option but I
>> haven't found a setting that controls password display. Is there any
>> way to accomplish this without a rewrite of the GINA?
>>
>> Thanks in advance,
>> Dave
>> --
>
>



Posted by Roger Abell [MVP] on August 30, 2007, 3:03 am
Please log in for more thread options
> Hi all,
>
> I'm pretty sure that there isn't a simple configuration option to do
> this, but I figured that I would ask anyway. We have a request from a
> client to modify the login process to our Windows 2003 servers so that
> the length of the password is not displayed during the logon process.
> I'd imagine that this would be a GINA configuration option but I
> haven't found a setting that controls password display. Is there any
> way to accomplish this without a rewrite of the GINA?
>

I've never seen or heard of a way to get at that. It is probably
hardwired (by ui field type) that one sees the length while initially
entered (rather than being in some undoc'd setting value).

It is not worth the time/cost to your client unless they plan on not
moving to Windows Server 2008 for a long time (due to the gina
change). If they are deeply concerned about disclosure of length
(count the keystrokes if you can see the screen) perhaps suggest
smart cards (compared to throw away investment in custom gina).

Roger



Posted by Steve Riley [MSFT] on September 1, 2007, 9:30 pm
Please log in for more thread options
As the others have said, there's no way to modify this.

Dave, what risk does the client perceive they can mitigate with such a
request? Seeing the dots appear is an important visual feedback to people as
they're logging on.

--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com


> Hi all,
>
> I'm pretty sure that there isn't a simple configuration option to do
> this, but I figured that I would ask anyway. We have a request from a
> client to modify the login process to our Windows 2003 servers so that
> the length of the password is not displayed during the logon process.
> I'd imagine that this would be a GINA configuration option but I
> haven't found a setting that controls password display. Is there any
> way to accomplish this without a rewrite of the GINA?
>
> Thanks in advance,
> Dave
> --
>

Similar ThreadsPosted
Detail display for audit policy December 19, 2006, 9:06 pm
Possible to display list of machines where user has logged in? December 17, 2007, 11:46 am
cannot change domain user profile display settings August 4, 2005, 11:45 am
Problem in Change Password! Password Recovery August 27, 2005, 1:24 am
Password Expired / Cannot Change Password May 9, 2006, 9:46 am
App Services password July 6, 2005, 9:46 pm
Password Visibility December 14, 2005, 9:31 am
Password Complexity March 2, 2006, 12:12 pm
Admin Password March 9, 2006, 6:15 pm
HOW CAN i GET THE ADMINISTRATOR PASSWORD? November 20, 2006, 7:43 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap