manam.pervez1 Posted September 23, 2013 Report post Posted September 23, 2013 Hello all, Can anyone able to tell me, how to have a dictionary of common words and passwords and restrict users from using them for their domain passwords. words like these need to be banned: Lucky lucky PasswordPassword123password123123412345 etc Quote Share this post Link to post Share on other sites More sharing options...
Jorgen Nilsson Posted September 24, 2013 Report post Posted September 24, 2013 Hi, There is no such feature in Active Directory but there are 3rd party solutions providing such solutions as add-ons to AD if I am not mistaking , a while ago since I worked with this. Regards,Jörgen Quote Share this post Link to post Share on other sites More sharing options...
manam.pervez1 Posted September 24, 2013 Report post Posted September 24, 2013 Yes, I knew that, i don't remember the add-ons name or how to do it. can you refer me any Link or name so i can Google it. Quote Share this post Link to post Share on other sites More sharing options...
LawrenceGarvin Posted September 24, 2013 Report post Posted September 24, 2013 And yet... there is a feature in Active Directory/Group Policy that effectively does exactly this. Password must meet complexity requirements which is found in Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy No, it doesn't explicitly define a dictionary of common words, but with this option enabled, it is near impossible to create a password using anything you'd likely define in such a dictionary. Quote Share this post Link to post Share on other sites More sharing options...
manam.pervez1 Posted September 25, 2013 Report post Posted September 25, 2013 Thank you Lawrence, This Feature is already Enable , but still some of our users using these kind of Stupid Password. Any advice Quote Share this post Link to post Share on other sites More sharing options...
LawrenceGarvin Posted September 27, 2013 Report post Posted September 27, 2013 If they're able to use those "stupid passwords", then I would submit that the policy, which may be "enabled", is not actually being applied, or else somebody has overridden that policy for certain user accounts (or computers). You should run RSOP on the affected computers and verify that the correct policies and settings are actually being applied. Quote Share this post Link to post Share on other sites More sharing options...
manam.pervez1 Posted October 1, 2013 Report post Posted October 1, 2013 Checked , but there are no Overridden Policy, in my environment. any more advice? Quote Share this post Link to post Share on other sites More sharing options...
