OpenPasswordFilter
OpenPasswordFilter copied to clipboard
jephthai
Add username checks to password validation
I used cdebbo's pull request to get the username into the c# bits, and added checks that the password does not contain SAMAccountName, user's given name, surname, or display name. Maybe someday I'll get around to trying to stop them from using 'leet' mutations on their names, but this is a start.
I also removed the dependency on .net 3.5 and re-rolled the installer, dropping x86. I'm willing to discuss that, but I don't think there's any reason to target an x86 domain controller in 2017.
I've moved the lists to sysvol to leverage active directory replication, and added some logic to watch their last write times and re-read if they've changed. I tried doing this by watching hashes and found it to be not performant with large lists. I've also fixed a bunch of disparate whitespace formatting issues that were making my eyes bleed. I also fixed an issue where service stop took too long for the process to die due to a blocking socket accept call, which would cause the service to not bind the network port on when restarted. Finally, an issue with case sensitivity of the 'matchlist' check was fixed.