Resolution
goal
How does the Windows agent determine users with weak passwords?
fact
NetIQ Vulnerability Manager Agent for Windows 5.0
fact
VigilEnt Security Agent for Windows 3.1
fact
VigilEnt Security Agent for Windows 3.2
fact
VigilEnt Security Agent for Windows 4.0
fix
note
For version 5.0 go to c:\Program Files\NetIQ\Vulnerability Manager Agent\bin
How does the Windows agent determine users with weak passwords?
fact
NetIQ Vulnerability Manager Agent for Windows 5.0
fact
VigilEnt Security Agent for Windows 3.1
fact
VigilEnt Security Agent for Windows 3.2
fact
VigilEnt Security Agent for Windows 4.0
fix
The Weak Passwords report uses a dictionary of numbers, characters, and words to identify weak passwords. The report returns a list of users whose passwords were found in this dictionary. You can add weak passwords to the dictionary , to do this follow the instructions below:
- Open the dictionary file located at C:\Program Files\PentaSafe\VSANT\pwdencode.dic (default location) in a text editor.
- Add the new weak passwords to the end of the word list.
- Save the dictionary file.
Do not put the new words between any of the current listings. The agent identifies new words at the end of the list, then creates a hash for the new words. This report incorporates the "Users with Password=Username" report and the "Users Without a Password" report to help identify weak passwords.
note
For version 5.0 go to c:\Program Files\NetIQ\Vulnerability Manager Agent\bin
Additional Information
Formerly known as NETIQKB31795