Guest Ally Posted June 6, 2008

Does anyone know any software out there that will record all incorrect login attempts?

My business doesn't have the resources available to properly manage the account lock out policy so I need to know if there are suspicious multiple incorrect login attempts?

Thanks

Guest Steve Riley [MSFT] Posted June 6, 2008

Just use good passwords (I like length better than complexity) and do away with account lockout policies completely. You're right, lockout is expensive to manage. Plus, it creates a situation where an attacker can conduct purposeful bogus logons to lock you out of your own accounts. Wonderful form of a denial of service attack!

--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com

"Ally" <Ally@discussions.microsoft.com> wrote in message news:363F4528-3B85-4922-858E-7D03D6537781@microsoft.com...
> Does anyone know any software out there that will record all incorrect
> login attempts?
>
> My business doesn't have the resources available to properly manage the
> account lock out policy so I need to know if there are suspicious multiple
> incorrect login attempts?
> Thanks

Guest Anteaus Posted June 9, 2008

Issue here is that there is a 'watershed point' at which passwords become non-memorable. People then start writing passwords on post-its attached to displays. At this point the security of the system plummets.

This is particularly true with 'complexity requirements' which require numbers, capitals and punctuation, since these prevent the use of a memorable passphrase.

"Steve Riley [MSFT]" wrote:
> Just use good passwords (I like length better than complexity) and do away
> with account lockout policies completely.

Guest S. Pidgorny Posted June 10, 2008

And if the post-it isn't attached to the monitor? Or maybe not a post-it note used, but a more secure medium?

And don't discount a distinct possibility of creating very complex but quite memorable passphrases. I'll give you an example:

"Dczrjve ujhjle Cdjq yhfd s ghfdf,"

Along those lines.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
http://sl.mvps.org
http://msmvps.com/blogs/sp

"Anteaus" <Anteaus@discussions.microsoft.com> wrote in message news:756EAFC8-EE43-4B9F-A1EE-2ACE5643656F@microsoft.com...
> Issue here is that there is a 'watershed point' at which passwords become
> non-memorable. People then start writing passwords on post-its attached to
> displays. At this point the security of the system plummets.
>
> This is particularly true with 'complexity requirements' which require
> numbers, capitals and punctuation, since these prevent the use of a
> memorable passphrase.
>
> "Steve Riley [MSFT]" wrote:
>
>> Just use good passwords (I like length better than complexity) and do
>> away with account lockout policies completely.

Guest Steve Riley [MSFT] Posted June 15, 2008

Check out my article at http://blogs.technet.com/steriley/archive/...once-again.aspx. Complex passwords are actually more difficult to remember and more likely to be cracked (because they're short) than simple sentences.

--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com

"Anteaus" <Anteaus@discussions.microsoft.com> wrote in message news:756EAFC8-EE43-4B9F-A1EE-2ACE5643656F@microsoft.com...
> Issue here is that there is a 'watershed point' at which passwords become
> non-memorable. People then start writing passwords on post-its attached to
> displays. At this point the security of the system plummets.
>
> This is particularly true with 'complexity requirements' which require
> numbers, capitals and punctuation, since these prevent the use of a
> memorable passphrase.
>
> "Steve Riley [MSFT]" wrote:
>
>> Just use good passwords (I like length better than complexity) and do
>> away with account lockout policies completely.

Guest Ben M. Schorr - MVP (OneNote) Posted June 15, 2008

Long passphrases don't have to be difficult to remember; even with the complexity requirements.

"My 2 dogs are cute!" is 19(?) characters long, mixed case, with numbers and symbols. You might not even need the exclamation point due to the spaces. If the user really can't remember the passphrase then a reminder such as "What are the dogs?" could be written on a Post-It and not overtly give away what the passphrase is.

"Star Trek 4 was the BEST one"
"3 More Years - Retire"
"Me+Her=2Smiles"

Lots of easy passphrases that can meet the requirements and that nobody is going to easily guess or brute force.

--
-Ben-
Ben M. Schorr, MVP
Roland Schorr & Tower
http://www.rolandschorr.com
http://www.officeforlawyers.com

"Anteaus" <Anteaus@discussions.microsoft.com> wrote in message news:756EAFC8-EE43-4B9F-A1EE-2ACE5643656F@microsoft.com:
> Issue here is that there is a 'watershed point' at which passwords become
> non-memorable. People then start writing passwords on post-its attached to
> displays. At this point the security of the system plummets.
>
> This is particularly true with 'complexity requirements' which require
> numbers, capitals and punctuation, since these prevent the use of a memorable
> passphrase.
>
> "Steve Riley [MSFT]" wrote:
>
>> Just use good passwords (I like length better than complexity) and do away
>> with account lockout policies completely.

Guest Ben M. Schorr - MVP (OneNote) Posted June 15, 2008

Event Viewer | Security probably. Though it depends a little upon what they're trying to log in to. That won't record incorrect login attempts to Google Mail or anything like that - just to the local machine/domain.

--
-Ben-
Ben M. Schorr, MVP
Roland Schorr & Tower
http://www.rolandschorr.com
http://www.officeforlawyers.com

"Ally" <Ally@discussions.microsoft.com> wrote in message news:363F4528-3B85-4922-858E-7D03D6537781@microsoft.com:
> Does anyone know any software out there that will record all incorrect login
> attempts?
>
> My business doesn't have the resources available to properly manage the
> account lock out policy so I need to know if there are suspicious multiple
> incorrect login attempts?
> Thanks
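
Added example, not part of any post in this thread: one way to turn the Security log mentioned in the last reply into a report of repeated failed logons per account. It assumes event ID 4625 (the failed-logon event on Windows Vista/Server 2008 and later; the thread names no event ID) and that failure auditing is enabled; the function names, the threshold of 5 and the 10-minute window are hypothetical choices.

```powershell
# Added example. Function names, threshold and window are assumptions, not from the thread.
function ConvertFrom-FailedLogonEvent {
    # Flattens a Security-log failed-logon record (event ID 4625) to three fields.
    param([Parameter(ValueFromPipeline = $true)] $Record)
    process {
        $data = @{}
        foreach ($d in ([xml]$Record.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        [pscustomobject]@{
            TimeCreated = $Record.TimeCreated
            Account     = $data['TargetUserName']
            Source      = $data['IpAddress']
        }
    }
}

function Get-FailedLogonBurst {
    # Reports accounts with at least $Threshold failures inside any $WindowMinutes span.
    param([object[]] $Records, [int] $Threshold = 5, [int] $WindowMinutes = 10)
    $window = [TimeSpan]::FromMinutes($WindowMinutes)
    foreach ($group in ($Records | Group-Object Account)) {
        $sorted = @($group.Group | Sort-Object TimeCreated)
        $start = 0; $best = 0
        for ($end = 0; $end -lt $sorted.Count; $end++) {
            # Slide the window start forward until it spans at most $window.
            while (($sorted[$end].TimeCreated - $sorted[$start].TimeCreated) -gt $window) { $start++ }
            $best = [Math]::Max($best, $end - $start + 1)
        }
        if ($best -ge $Threshold) {
            [pscustomobject]@{
                Account             = $group.Name
                MaxFailuresInWindow = $best
                Sources             = (@($group.Group | ForEach-Object { $_.Source } | Sort-Object -Unique) -join ', ')
            }
        }
    }
}

# Constructed sample: six failures for one account in under two minutes, one stray failure for another.
$t0 = Get-Date '2008-06-06T09:00:00'
$sample = @(
    0..5 | ForEach-Object { [pscustomobject]@{ TimeCreated = $t0.AddSeconds(20 * $_); Account = 'ally'; Source = '192.0.2.10' } }
    [pscustomobject]@{ TimeCreated = $t0.AddHours(1); Account = 'ben'; Source = '192.0.2.20' }
)
Get-FailedLogonBurst -Records $sample

# Live use from an elevated prompt on the machine or domain controller being watched:
# $live = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddDays(-1) } |
#     ConvertFrom-FailedLogonEvent
# Get-FailedLogonBurst -Records $live
```

As the reply notes, this only sees logons to the local machine or domain; failures against external services never reach this log.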