nFront Password Filter Features

nFront Password Filter Settings VS. Windows Password Settings

Below you can see the advantages and felxibility nFront Password Filter.

Password Policy Setting: Windows 2003 R2 nFront Password Filter
Minimum Password Length (in characters) Yes, but you cannot set the min to 15+ chars. YES, you can set the min. length from 1 to 127 characters.
Maximum Password Length (in characters)   YES
Reject passwords that don't contain at least <value> of the following character types 3 character types only** 1-4 character types
Ability to set min and max numeric characters in password.   YES
Ability to set min and max upper case characters in password.   YES
Ability to set min and max lower case characters in password.   YES
Ability to set min and max alpha characters in password.   YES
Ability to set min and max non-alphanumeric characters in password   YES
Ability to limit the use of only a specific set of special characters (useful for ensuring mainframe password compatibility).   YES
Reject passwords that contain vowels (a,e,i,o,u,y)   YES
Reject passwords that contain 2 consecutive identical characters   YES
Reject passwords that begin with a number.   YES
Reject passwords that end with a number.   YES
Reject passwords that begin with a special character.   YES
Reject passwords that end with a special character.   YES
Passwords must contain a numeric character in position <value>.   YES
Passwords must contain a special character in position <value>.   YES
Password must contain special character before character number <value>.   YES
Reject passwords that contain the username. yes** YES
Reject passwords that contain any part of the user's full name. yes** YES
Ability to check password against a dictionary of common passwords   YES
Ability to skip dictionary checking for longer passwords (great setting for enforcing passphrases without sacrificing complexity of short passwords).   YES
Support for multiple password policies in the same domain   Up to 6

** Windows Settings allow only a hard-coded “complexity” setting which requires:

  • Passwords contain 3 of 4 character sets (upper, lower, numeric and non-alphanumeric character sets)
  • Password cannot contain userid
  • Password cannot contain any part of user’s full name.

This “complexity” setting is hard-coded into the operating system and is not flexible. It is either turned off or on.

Untitled Document