Josh Stone

I'm curious how you see the use case for the "exclude" list. It seems like creating a list of likely in use passwords, which might be a liability. I'm trying...

Oh, that's interesting. I will need to look at that and see why. On Fri, Oct 5, 2018 at 10:26 AM epiclolz wrote: > Make sure you have you minimum...

I don't believe we have any autodetection on an updated database, so you may need to stop and restart the service when you update the blacklist. On Tue, May 22,...

That's really odd -- is the standard Microsoft password filter DLL listed in the configured filters? On Tue, Jul 10, 2018 at 8:13 AM abortedfajitas wrote: > I am basically...

Are you certain there isn't any conflict between your domain policy, domain controller policy, and local security policy on your DCs? >

Which github repo have you downloaded? Is this from the /jephthai/OpenPasswordFilter repo, or one of the cloned repos? On Mon, Jul 30, 2018 at 11:57 AM choakumchild wrote: > I...

At some point, my thought has been to create a facility for arbitrarily complex rules, probably by embedding an interpreter of some sort in the policy service. That way, you...

Exploring that possibility, the same rule-based mutation of dictionary entries could be done as well. The only concern would be spiking CPU by applying too many rules. That's not such...

I wanted a user-space DB to make the decisions because the dictionary could be arbitrarily large. What if someone wants a gigabyte of forbidden passwords, or implements really complicated logic...

On the network / IPC mechanism point -- I wanted to avoid having to mess with named pipes and the potential for network accessibility. Someone who can sniff traffic on...