Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Password strength
  •  
jaikudo

Messages: 83
Karma: 0
Send a private message to this user
Is there any way to enforce password strength when using the internal authentication system? If we are going to put KMS on the internet we would like to stop our users putting easy passwords on.

It would be easier if we could restrict non-local access, or certain protocols, by user but it seems that this is not possible.

If it is not a feature of KMS to enforce password strength is there another way to do it? How are the passwords stored? Is there a file I can run something like "crack" on to test for bad passwords?

[Updated on: Wed, 30 January 2008 11:19]

  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
in some way forcing strong passwords: not possible Sad

Turning off the option that people can change their own password (so the admin can give them a good password and the user cannot change it themselves): not possible Sad

Controlling which user can connect by which protocol/method (and from which IP segment/NIC): not possible Sad

The passwords are stored in the users.cfg file, but most likely encrypted (you can specify this when creating a password), so using some tool to test the strength of the stored passwords: not possible Sad

All in all: it's not possible to control or enforce strong passwords with KMS Sad
  •  
jaikudo

Messages: 83
Karma: 0
Send a private message to this user
In that case, I think we will start by deploying the webmail behind our existing extranet authentication system. This will be fine for webmail.

What it does mean is that we can't offer secure IMAP, SMTP or LDAP to the external users.

I found the encrypted passwords in a file and they might be amenable to having crack run on them. I am not going to try this right now but I will probably return to it at some point. If I get anywhere with this I will post the solution here.
Previous Topic: thunderbird contacts - kms (ldif)
Next Topic: Dose Kerio Mail Server support net store(or net disk)?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Sep 20 02:04:16 CEST 2017

Total time taken to generate the page: 0.00364 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.