Password History Storage and Variability Comparison

Posted by z3ke on Server Fault See other posts from Server Fault or by z3ke
Published on 2012-03-19T22:04:23Z Indexed on 2012/03/19 23:32 UTC
Read the original article Hit count: 164

Filed under:

Windows

|

exchange

|

password

|

change

I believe this situation would be similar to many others out there, so maybe some of you can shed some light...

Supposedly, when making password changes through MS exchange every 90 days, you cannot use any simple variation of one of your old passwords, up to whatever limit the admin's set for a system.

My question: If your previous passwords are only stored as hashes, how can they check for the "just changed one letter" case. Wouldn't they have to have access to the old plain-text passwords in order to make those comparisons?

The only other thing I can think of is if upon original creation of a password, they also stored all other one character permutations of it, so that they can be banned later?

© Server Fault or respective owner

Related posts about Windows

Server 2012 DFS New Member Issue

as seen on Server Fault - Search for 'Server Fault'
I am trying to add a new member to our DFS topology. We have 3 DCs (VMs - VMware) running Windows server 2012, two servers are located in or Primary site and the third at our DR site. Currently the two servers at our primary site are currently replicating DFS (full mesh) and are working fine. I have… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
error in IIS7 but not on IIS6

as seen on Server Fault - Search for 'Server Fault'
I have a website that is we are now deploying to windows 2008 servers that has worked in the past on IIS6 without a problem. It is using .net 2 framework. Most of the website works. Just when we create a screen report over a certain size on the server we get this error. Event code: 3005 Event… >>> More
Microsoft Management Console stops working when I add snap-in to it

as seen on Super User - Search for 'Super User'
I have Windows 7 Ultimate OS. I'm opening mmc.exe as administrator and trying add Certificates or any other snap-in, then while loading that snap-in MMC breaks and displays following message and after that it closes automatically once I click on close button on that message. What could be the problem… >>> More
Handling keyboard and mouse input (Win API)

as seen on Game Development - Search for 'Game Development'
There is a number of ways to catch mouse or keyboard under Windows. So I tried some of them, but every of them has some advantages and drawbacks. I want to ask you: Which method do use? I've tried these: WM_KEYDOWN/WM_KEYUP - Main disadvantage is that, I can't distinguish between left and right-handed… >>> More

Related posts about exchange

Upgrade Exchange 2003 to Exchange 2010 – Part II

as seen on Simple Talk - Search for 'Simple Talk'
In Jaap's second article on upgrading straight from Exchange Server 2003 to 2010, he explains how to move the various services from Exchange Server 2003 to Exchange Server 2010 and fully decommission the Exchange Server 2003 servers. >>> More
Upgrade Exchange 2003 to Exchange 2010

as seen on Simple Talk - Search for 'Simple Talk'
In this article, the first of two in which Jaap describes how to move from Exchange Server 2003 straight to Exchange Server 2010, he shows what is required before moving mailboxes from Exchange Server 2003 to Exchange Server 2010. He shows how to upgrade Active Directory, install both Exchange Server… >>> More
exchange server 2010 Outlook Web Access - Exchange Control Panel WEB Interface

as seen on Server Fault - Search for 'Server Fault'
from what i can gather the mailbox bit of the web interface works fine.. when any of the users go to options (top right) and try to use some of the features such as the Organise Mail Delivery Reports to find messages etc... it comes up with a message .. "An item with the same key has already been… >>> More
Backup multiple Exchange Accounts without direct access to exchange server

as seen on Server Fault - Search for 'Server Fault'
For e-mail, we use Microsoft Exchange and it is hosted by 1and1.com. We have about 30 Exchange accounts that I would like to backup to a PST file. That is, for each account that we have (all 30), I would like to create a single PST file (1.pst thru 30.pst). I do not have direct access to the Exchange… >>> More
when using exchange 2010 it complains of not talking to Information Store service on exchange 2007

as seen on Server Fault - Search for 'Server Fault'
I am attempting to do an upgrade in my org from exchange 2007 to exchange 2010. I moved all the mailboxes and made sure my certificates were setup in exchange 2010. I then changed my ip forwarding rules to forward mail to my exchange 2010 box. I can receive email. I then powered off my exchange 2007… >>> More