• We should now be fully online following an overnight outage. Apologies for any inconvenience, we do not expect there to be any further issues.

XP password cycler...know of one?

Toggle sidebar Toggle sidebar
S

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
Here's the scoop:

My work requires a complex and long password....changes every 30 days.

Can't use the same password for 20+ changes.....


so... I"m looking for a way to change my password FOR ME any set number of times.

Example....
my password is HappyDog I want an app to cycle it through 20 variations so that I can end up back with HappyDog.


Anyone know of such an app?

Did I make sense?

 
T

tk11

Senior member
Jul 5, 2004
277
0
0
It's unlikley you'll find a utility to perform such a specific task, so you'll probalby have to write one yourself. AutoIt is a free utility designed to make writing windows automation scripts quick and easy. Have a look.

http://www.autoitscript.com/
 
W

WobbleWobble

Diamond Member
Jun 29, 2001
4,867
1
0
I wouldn't bother, chances are they also have a minimum password age policy to prevent what you are trying to do.
 
Snapster

Snapster

Diamond Member
Oct 14, 2001
3,916
0
0
Sounds pretty much what I've got as the domain policy here. Min 8 chars, 1 cap, 1 number, 1 lowercase required no repeat in past 10 etc. Usually it just ends up in a pattern though:

HappyDog1
HappyDog2
HappyDog3
HappyDog4
HappyDog5

etc... :)
 
S

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
Originally posted by: WobbleWobble
I wouldn't bother, chances are they also have a minimum password age policy to prevent what you are trying to do.
Click to expand...

Nope, you can change it fast as u can type... well, I've changed mine 2-3times in within a min becuse I kept changing my mind.

Thanks tk11.. I'll take a look at that scriptin tool.
 
N

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
Just ask your domain admin about this...bet they might have an idea or two ;)
 
B

bsobel

Moderator Emeritus<br>Elite Member
Dec 9, 2001
13,346
0
0
Originally posted by: thesoulhack
you are DESTROYING the entire principal of security *bangs head against desk*
Click to expand...

Actually, as someone who works in security, I disagree. The password policy set by his company (undoutably set by someone who thinks this is a good pw policy, probably a consultant that copied this from another companies handbook) is redicoulous to the point that it drives normal users to circumvent it (I'm willing to bet I can find written passwords at 40+% of the desks at that company, because of this policy). A pw policy needs to reasonable and balance security with actual use and risk.

This link explains the technical background of the 30 day password and why it's outdated and generally shows a misunderstanding of how security should be implemented.

To the OP: Dont' cycle back to the same password, at a minimum create a pattern (a series of characters aa-zz, etc) that you insert into a known place (e.g. you always do this at the third character) and use that as your password changes. So your 'HappyDog' (btw, a horrible horrible password that is trivially broken) becomes 'HappAAyDog' and on the next change it becomes 'HappABDog' etc. Create your own pattern and insertion location. It's a much better choice then what you are doing.

Oh, and lastly, all of those pw changes are logged in the event viewer. In an audit, someone would realize what you are doing...
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: nweaver
Just ask your domain admin about this...bet they might have an idea or two ;)
Click to expand...

I wish I could remember where I read an admin complaining about a user who asked that... :p
 
S

stash

Diamond Member
Jun 22, 2000
5,468
0
0
I'm willing to bet I can find written passwords at 40+% of the desks at that company, because of this policy
Click to expand...
There's absolutely nothing wrong with writing down a password. The key is how you protect the thing you write it on :p
 
B

bsobel

Moderator Emeritus<br>Elite Member
Dec 9, 2001
13,346
0
0
Originally posted by: stash
I'm willing to bet I can find written passwords at 40+% of the desks at that company, because of this policy
Click to expand...
There's absolutely nothing wrong with writing down a password. The key is how you protect the thing you write it on :p
Click to expand...

The key part being I can find :)
 
S

Souka

Diamond Member
Sep 25, 2000
4,728
1
76
Originally posted by: bsobel
Originally posted by: thesoulhack
you are DESTROYING the entire principal of security *bangs head against desk*
Click to expand...
Click to expand...


Blah blah blah....

Actually more curios if it can be done or not. HappyDog has nothing to do with my password either...I used it just as an example.(as I stated originally, "Example....")


anyhow... just about every company I"ve worked at.. Microsoft, Boeing, AT&T, WSDOT, to name a few better known ones.... I've seen the upper exec's write their password down on a sticky and put it on the laptop, right below the LCD. More often than not, they even put "userID= xxxx@company.com, password=May2007"


Nothing new....









 
R

Robor

Elite Member
Oct 9, 1999
16,979
0
76
Originally posted by: stash
I'm willing to bet I can find written passwords at 40+% of the desks at that company, because of this policy
Click to expand...
There's absolutely nothing wrong with writing down a password. The key is how you protect the thing you write it on :p
Click to expand...

Yeah, like on the monitor or keyboard or desk calender? A previous employer forced password changes every x number of days and that's what we wound up with. Many users wrote their passwords on things in plain view. Oh, we had constant password reset requests as well.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom