Random Password Generator

whotimewhotime Member Posts: 122 ■■■□□□□□□□
Does anyone have a good Random Password Generator that they use at their help desk for resetting users passwords?
WGU BS: IT-Security
In Progress: C170, C246
To Be Completed: C247, C299, C697, C698, C435, C436, C179

Comments

  • LexluetharLexluethar Member Posts: 516
    IMO I would just require the end user to change their password at next login.

    You can use a PW generator - but usually they create really complex passwords (which is great) that are so complex they require someone to email / message the password (which is not good).

    We've found just allowing the service desk to reset the password to something easy, but requiring the 'user must change password at next login' box to be checked in AD once reset.

    Yes there is a risk of a service desk person knowing a password - but if they have AD access they could go in and reset it to anything regardless if they wanted to and access that account. So take the lesser of two evils, allow them to use a generic (generic to that service desk person) password but require the end user to change it.

    Just my two cents and what i've experienced at my company.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    Lexluethar wrote: »
    IMO I would just require the end user to change their password at next login.

    My thoughts exactly.
    An expert is a man who has made all the mistakes which can be made.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    Agree with the others, make it something they can enter and then force change on login. I use lastpass to generate random ones but I can't imagine any of the users being able to enter those manually, and good luck explaining them over the phone.
  • dustervoicedustervoice Member Posts: 877 ■■■■□□□□□□
    Echoing what everyone said.. make it easy and require a password change. What i normally do when i worked in helpdesk was just to look at any object in the room and add a number at the end. So i would normally reset passwords to the likes of:

    PaperDeck12345
    CoffeeCup9
    HPprinter123
    BlackMonitor5
    MyfavoritePen2

    You get the point :)
  • PlantwizPlantwiz Mod Posts: 5,057 Mod
    I agree with Network and Lexluethar, always have the end user create there own. Admins have the power to log into machines/accounts as needed and if there is a problem unique to the user, simple remote in or go to them and have them recreate the problem with you there. You can create a policy that requires specific difficulty for the password, but keep a balance between too difficult to where the end user writes the PW down and affixes a sticky to their monitor icon_shaking.gif

    Otherwise, it may be time to look into biometric log ins or FOBs, most environments do not need that extreme.

    The caveat with an easy password after a reset is that it is required that the end user reset their PW immediately upon log in, which you should be able to set up. The follow up for you is to test the log in and confirm the password was reset, but if that is handled in group policy, you should not need to test it.
    Plantwiz
    _____
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    cyberguypr wrote: »



    Yep, set last pass to 12+ characters and read the new password over the phone or give it to them the traditional way - on a postit. Of course a postit! Fits neatly on the monitor that way.

    - b/eads
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    I hate users so that's how I roll! I completely missed the part where the OP said "use at their help desk for resetting users passwords".
Sign In or Register to comment.