Re: Incorrect Login Attempts Software

Giganews Newsgroups
Subject: Re: Incorrect Login Attempts Software
Posted by:  Steve Riley [MSFT] (steve.ril…@microsoft.com)
Date: Fri, 6 Jun 2008

Just use good passwords (I like length better than complexity) and do away
with account lockout policies completely. You're right, lockout is expensive
to manage. Plus, it creates a situation where an attacker can conduct
purposeful bogus logons to lock you out of your own accounts. Wonderful form
of a denial of service attack!

--
Steve Riley
steve.ril…@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com

"Ally" <Al…@discussions.microsoft.com> wrote in message
news:363F4528-3B85-4922-858E-7D03D65377…@microsoft.com...
> Does anyone know any software out there that will record all incorrect
> login
> attempts?
>
> My business doesn't have the resources available to properly manage the
> account lock out policy so I need to know if there are suspicious multiple
> incorrect login attempts?
> Thanks

Replies

In response to

Incorrect Login Attempts Software posted by Ally on Fri, 6 Jun 2008