Problem
Connect to AD supports randomly generated or hardcoded dynamic passwords as its primary provisioning options. However, passwords are increasingly being replaced by more user-friendly alternatives, like passphrases, sequences of common words, which are easier to read and communicate while still meeting most security requirements.
Solution
Connect to AD now supports generating passphrases alongside the existing approaches:
GeneratePassphrase(wordCount, maxLength, includeUpper, includeNumbers, includeSpecial)
Instead of random characters, this method builds a password using a passphrase, making it easier to read and communicate in automated notifications and manual handoffs.
- wordCount: number of words in the passphrase
- maxLength: maximum total character length (hard cap: 25)
- includeUpper: capitalizes the first letter of the passphrase
- includeNumbers : appends a number
- includeSpecial : included a special character
Example expression:
GeneratePassphrase(3, 15, true, true, true)Example result: Scarlet@Topaz5
GeneratePassphrase(3, 15, false, true, true)Example result: ivory$galaxy3
GeneratePassphrase(3, 15, false, false, true)Example result: lemoncloud$onyx
GeneratePassphrase(3, 15, false, false, false)Example result: cherrydaisycloud
- If includeUpper is enabled, only the first letter of the passphrase is capitalized.
- The word pool is loaded from a customizable text file.
Conclusion
Passphrase generation adds a more readable alternative to random strings, enhancing Connect to AD's existing provisioning capabilities.
Comments
0 comments
Please sign in to leave a comment.