Releases: ryanries/PassFiltEx
v1.3.21.2
New version v1.3.21
Highlights of this release are:
Completely removed ETW logging and moved to basic text file logging. After all these years, I am finally admitting publicly that I was just trying to be a cool Windows guru and that I was just being sadistic by trying to force people to use ETW. ETW has its uses but it's really awful for when you really just want a log file. The log file is \Windows\System32\PassFiltEx.log and the log is rotated after it reaches 1MB. By default only error messages are logged, but if you use the Debug registry setting in the PassFiltEx subkey, it will enable additional informational messages. Updated the README with this information.
Added a "BlockSequentialChars" setting. This setting adds the ability to block passwords if they contain 3 or more sequential characters such as ABC or abc or 123 or def or 456, etc. This setting was added at the request of user "L Kang".
(update 1.3.21.2: revision to BlockSequentialChars where abc and 123 will be blocked, but not !@#)
v1.3.21
New version v1.3.21
Highlights of this release are:
-
Completely removed ETW logging and moved to basic text file logging. After all these years, I am finally admitting publicly that I was just trying to be a cool Windows guru and that I was just being sadistic by trying to force people to use ETW. ETW has its uses but it's really awful for when you really just want a log file. The log file is \Windows\System32\PassFiltEx.log and the log is rotated after it reaches 1MB. By default only error messages are logged, but if you use the Debug registry setting in the PassFiltEx subkey, it will enable additional informational messages. Updated the README with this information.
-
Added a "BlockSequentialChars" setting. This setting adds the ability to block passwords if they contain 3 or more sequential characters such as ABC or abc or 123 or def or 456, etc. This setting was added at the request of user "L Kang".
v1.2.20
v1.1.10
- Added a new "require either upper case or lower case" to the RequiredCharClasses registry setting - it is 0n32.
- Changed the test program PassFiltExTest. You can use it to test whether PassFiltEx will allow a password or not without having to do all the hassle of installing it on a DC and deciphering the ETW tracing. BUT it only works on the DEBUG build.
v1.1.9
v1.1.8
Minor bug fixes:
-
The filter was allowing a blank password. Not a big deal, since other Active Directory policy would have already prevented a blank password anyway. But it's hard to imagine any scenario where an administrator would want to allow any blank passwords and also have this password filter installed at the same time.
-
The filter was not lowercase'ing the last character, meaning that a password could potentially erroneously pass the blacklist if the last character in the blacklisted token was uppercase.
v1.1.7
v1.1.6
-
Contains all previous fixes and improvements from earlier versions.
-
Lower memory usage compared to earlier versions.
-
Added the ability to require additional categories of characters in a password, above and beyond what built-in AD password complexity requires.
-
Fixed a nasty memory bug where I was copying into memory before I had allocated space for it.