Domino 9 und frühere Versionen > ND6: Administration & Userprobleme

Notespassword bei Änderung durch den User mitloggen

<< < (2/3) > >>

Andysun:

--- Zitat von: feargus am 05.07.07 - 16:09:14 ---Offensichtlich gibt es eine Interessante Sicherheitslücke in Lotus Notes. Durch simples setzten von 2 Parametern in der Notes.ini lässt sich das Noteskennwort bei der änderung durch den User mitloggen.

http://www-1.ibm.com/support/docview.wss?uid=swg21196682

--- Ende Zitat ---

Leider geht der Link nicht mehr.

Beste Grüsse

Andysun

m3:
Gelobt sei Google-Cache:

--- Zitat ---Error: "The Password You Specified Is Not Complex Enough" when Attempting to Change Your User ID Password.
 
Problem
When you attempt to change the password for your user ID file, the following error displays:


      "The password you specified is not complex enough."


Previously, similar passwords have worked for you. What can be done to troubleshoot this?
 
Solution
The way Notes/Domino determines if a password is complex enough is to search multiple sources on the client. If the password or any part of it is found in the dictionary, clipboard or the cache.ndk, it could fail the complexity test.

To troubleshoot this you can apply the following parameters to your client's Notes.ini file:


      KFM_ShowEntropy=1

      Debug_Outfile=<path to outfile> (e.g., Debug_Outfile=c:\password.txt)


This parameter will print to the outfile the steps that are taken during verification of a password. After attempting to change your password and you receive the error again, shut down your Notes client and open the debug outfile that was generated. If a match for your new password was found during password verification, this will be indicated in the text of the outfile.
--- Ende Zitat ---

hallo.dirk:
Update:
http://www.heise.de/newsticker/meldung/92941

WernerMo:
hallo Dirk

danke, das hätte ich sonst übersehen heute morgen.

Gruß Werner

Driri:
Hier übrigens die Stellungnahme von IBM in Form einer Technote :

http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085

Navigation

[0] Themen-Index

[#] Nächste Seite

[*] Vorherige Sete

Zur normalen Ansicht wechseln