Security

The ideal password is over 14 characters long, with a mixture of upper and lower case letters, numbers, and special characters. But many users are allowed to use weak passwords based on the weak password policy. The IT admin’s job is to ensure that every user account in Active Directory is secured with a strong password. Unfortunately, the default domain password policy, which admins use to…

User accounts with empty password are more susceptible to attacks. Domain accounts with the PASSWD_NOTREQD property flag set have the potential to login to the domain without a password, regardless of domain-wide policies that enforce minimum password length and password complexity. The “Empty Password Users Report Tool” can be used to find the user accounts with password fields set to…

Password Policy Manager is a free tool from ManageEngine ADManager Plus that allows any user to retrieve and view the Domain Password Policy.  This tool also allows users with administrative rights to edit the Domain Password policy. Password Policy fields that can be edited using this tool include: Password History — Number of Passwords that the system must remember Minimum and Maximum…

The DMZ Port Analyzer is a free tool from ADManager Plus that allows administrators to check the status of ports required by any third party application to work with Active Directory which resides in the DMZ. In a multi-LAN or DMZ environment, one needs to ensure the firewall does not block the ports required by Active Directory. This tool will help in identifying the status of ports specific to…