WEAKWORD
Current release is v1.0 dated 2003
Description
This is a small DOS program which takes as input a RACF database and processes it in two passes to check for trivial passwords. It is similar to CRACF but does not reveal the weak password, it merely indicates the password as having been identified as weak. It does however include the facility for you to add your own dictionary of weak passwords by using WEAKDAT.Example
Pass 1 - base UserID information is identified and the UserIDs counter incremented for each.
Pass 2 - for each identified UserID it checks to see if the current password is either the UserID, the DFLTGRP or the UserID backwards. Remaining counter is decremented, and either hits or misses counter incremented for each. An output file (WEAKWORD.TXT) is generated with one line per UserID showing results.
Step 1 - submit JCL to copy structured RACF database into flat file
sample JCL
Step 2 - transfer from mainframe to PC as binary file.Step 3 - compose a list of weak passwords to check against, e.g.
create password.txt with one password per line
Step 4 - run WEAKDAT to convert the list of passwords into
the format required by the WEAKWORD utility, .e.g.
weakdat password.txt
Step 5 - run WEAKWORD utility, e.g.
weakword flatfile.seq
| Nigel's WEAKDAT Utility v1.0 | weakdat.exe (16k) |
|---|---|
| Nigel's WEAKWORD Utility v1.0 | weakword.exe (30k) |
| This page last updated: |
|