Set Limit for Number of Bad Password Retries for Local Area Network Server Logon
Original Publication Date: 1996-Jun-01
Included in the Prior Art Database: 2005-Mar-31
Disclosed is a method to set Local Area Network (LAN) server maximum number of bad password retries by the administrator and track users' attempts. The system can be used to catch the malicious user or to disable any further attempts.
Set Limit for Number of Bad Password Retries for Local
a method to set Local Area Network (LAN) server
maximum number of bad password retries by the administrator and track
users' attempts. The system can be used to catch the malicious user
or to disable any further attempts.
system for LAN SERVER was exposed due to the fact
that a user can attempt unlimited number of times to logon to the
system. The administrator had no ability in controlling how many
times users can assay a valid userid with a valid password. From a
security point of view, this is unacceptable, it exposes the network
to dictionary attacks. A malice user could possibly keep trying
different passwords until one succeeds. The product lacked the
ability to track the bad password attempts in order to either catch
the culprit to disable the userid.
consists of two parts: The first part deals with
the ability to set a limit on the number of attempts that a user may
tries. Setting this limit is flexible not rigid. The limit can be
increased or decreased according to the need of the environment where
LAN SERVER is running. In addition, the solution provides for
backward compatibility with legacy models. If a domain is running
with a version that does not provide this solution, the domain still
have the ability to run without it.
command line, users with the administrator privilege
can now set this maximum, by using the new flag /MAXBADPW with the
'net accounts' command as follows: net accounts /MAXBADPW:XX. where
XX is a number. f XX is 0 the maximum bad passwords is not checked
and LAN SERVER operates as before. This limit is stored in the user
accounts database. All users have permission to display this limit.