Detailed scan results: Analyzing password policy

Windows 2000/XP/2003 security policies provide a set of rules that can be configured for all user accounts to protect against brute force password guessing attacks. These include account lockout control and password strength enforcement policies which, if correctly configured, make it very difficult for an attacker to crack user/logon credentials.

Typical vulnerabilities in an IT infrastructure are the result of incorrectly configured lockout control and password strength enforcement policies. These include default passwords and weak passwords that are made up of few characters or that are identical to the respective username.

Screenshot 37 - Password policy node

GFI LANguard N.S.S. helps you identify misconfigurations in your password policies by collecting the password policy settings currently configured on target computers and including them as part of the scan results. This removes the need to check these settings physically on each machine. To access the password policy settings collected during a scan, click on the Password Policy sub-node.
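The same kind of review can be done on policy settings collected by hand. The following is an added example, not part of GFI LANguard N.S.S.: it parses the text output of the Windows `net accounts` command and flags lockout and password strength settings that are disabled or weaker than a baseline. The sample output is constructed, and the baseline thresholds and function names are assumptions chosen for illustration.

```python
import re

# Constructed sample: `net accounts` output from a host with weak settings.
SAMPLE = """\
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          0
Maximum password age (days):                          42
Minimum password length:                              0
Length of password history maintained:                None
Lockout threshold:                                    Never
Lockout duration (minutes):                           30
Lockout observation window (minutes):                 30
Computer role:                                        WORKSTATION
The command completed successfully.
"""

# Illustrative baseline (assumption, not a GFI or Microsoft value): (kind, limit).
BASELINE = {
    "Minimum password length": ("min", 8),
    "Length of password history maintained": ("min", 5),
    "Maximum password age (days)": ("max", 90),
    "Lockout threshold": ("max", 10),
}

def parse_policy(text):
    """Map each 'name: value' line to an int; non-numeric values become None."""
    policy = {}
    for line in text.splitlines():
        m = re.match(r"^(.+?):\s+(\S.*)$", line)
        if m:
            value = m.group(2).strip()
            policy[m.group(1)] = int(value) if value.isdigit() else None
    return policy

def audit(policy):
    """Return the baseline settings that are missing, disabled or too weak."""
    findings = []
    for name, (kind, limit) in BASELINE.items():
        value = policy.get(name)
        if kind == "min":
            weak = value is None or value < limit
        else:  # "max": 0 or Never/Unlimited means the control is switched off
            weak = not value or value > limit
        if weak:
            findings.append(name)
    return findings

if __name__ == "__main__":
    print("WEAK:", audit(parse_policy(SAMPLE)))
```

A lockout threshold of "Never" and a minimum length of 0 are exactly the misconfigurations that leave accounts open to repeated password guessing.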