How do I update the weak password dictionary?
Where is the Vulnerability Manager password dictionary located?
Where can I add words to check passwords against for users?
Is there a password dictionary for Vulnerability Manager?
How are words encrypted in the password dictionary?
NetIQ Vulnerability Manager 5.5
NetIQ Vulnerability Manager 5.0
NetIQ Vulnerability Manager Agent for Windows 5.0
NetIQ Vulnerability Manager Agent for Windows 5.5
The weak password dictionary is a local file on each agent computer. The file is named pwdencode.dic and is located at C:\Program Files\NetIQ\Vulnerability Manager Agent\bin. Words that have been added to the dictionary are encrypted when the agent runs password reports. These words are compared to the encryption hash of the passwords stored on the computer and matches are reported as "weak" passwords.
To add new weak passwords to the weak password dictionary:
- On the agent computer, browse to C:\Program Files\NetIQ\Vulnerability Manager Agent\bin\pwdencode.dic.
- Right-click the pwdencode.dic file and select Open With > Notepad.
- Browse to the end of the file.
- Enter your new weak password at the end of the list but before the special character. Do not add an encryption string after the new weak password.
- Save and close the file.
You must manually update the password dictionary on each agent computer. You cannot currently update multiple agent password dictionaries simultaneously.