Is there something we can do to prevent multiple users from assigning the same password?

Question

Is there something we can do to prevent multiple users from assigning the same password?

I have a web application that processes employee worksheets.

They have username and password combinations assigned to them by the administrator.

Passwords are salted and hashed individually.

The problem is that all of them are assigned the same password by the administrator. This is obviously a security issue.

I do not want the error with the password you are trying to use to be already used, because ...

This shows that someone has this password. Bad security.
I cannot compare passwords easily. I need to salt and hash them individually because of how they are stored in the database.

Do I have any opportunity to try to limit this behavior?

+3

security passwords

alex Nov 22 '10 at 0:01

source share

3 answers

This is not a technical problem; this is an organization / management problem ...

An administrator just needs to stop assigning the same password to everyone.

+6

Lukeh Nov 22 '10 at 0:04

source share

? .

+2

jonmorgan 22 . '10 0:04

Mike clark · Accepted Answer · 2010-11-22T00:07:18+0000

The software should force users to change their passwords after logging in for the first time. Ask the program to check if the user is really entering a new password, and not repeating the old one.

Is there something we can do to prevent multiple users from assigning the same password?

More articles: