Home » Hacking News » Microsoft Windows 2000 Password Policy Bypass Vulnerability

Microsoft Windows 2000 Password Policy Bypass Vulnerability

by Nikola Strahija on March 12th, 2002 It is possible to create a security policy regarding passwords for Windows 2000, that will require users to use secure passwords, which should be periodically changed. It is also possible to make Windows remember several previous passwords (18 in our case).

Now, when time comes for user to change the password, system checks
whether or not new password is among those 18 old ones. If it is not,
and password satisfies other conditions, then password changes.

It is possible for user though to change the password without waiting
for it to expire. When changing this password, password history check
is not done, but check for all other conditions is performed.

Remote: No

From the forum

The forums are now OPEN AGAIN!

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Users login

JOIN XATRIX

Microsoft Windows 2000 Password Policy Bypass Vulnerability

Related articles

Advisories

Vulnerabilities

From the forum

Newsletter signup

Free E-books

Contact