Password Scanner

The Password Scanner checks whether users' passwords are sufficiently strong.

Password Scanner Details

Included in HealthCheck Version 1.0.3.1 and later, the Password Scanner consists of two tests: the Super User test and the All User test. Each test checks the passwords of the users in the selected group and produces an error if a user's password is 'password' or matches a password on a preset list of common passwords. This list can be managed in the HealthCheck properties file.

If a user's password is 'password', the scanner produces a SEVERE error. If a user's password matches one of the passwords on the list, the scanner produces an error at the ERROR level.

Since both of these tests reveal information about users' passwords, results can only be seen by admin users, or super users. A non-super user cannot see the Password Scanner as an option, although it is still run in the background with all other tests. When it is run by a non-super user, the run dialog shows that the Password Scanner ran but produced no results.

Super users can enable and disable each test individually from the HealthCheck UI, or through the HealthCheck properties file from the command line.

Super User Test

The Super User test checks the passwords of all users in the system that are part of the super group.

All User Test

The All User test checks the passwords of all users in the system, regardless of whether or not they are part of the super group.
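
The scan logic described on this page, sketched as an added Python example (not HealthCheck's own code). It assumes passwords are stored as salted PBKDF2 hashes; the function names, user records and common-password list are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumption: passwords are stored as salted PBKDF2-HMAC-SHA256 hashes, so the
# audit re-hashes each candidate with the user's salt instead of reading plaintext.
ITERATIONS = 100_000

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

def classify(stored_hash, salt, common_passwords) -> Optional[str]:
    """Return 'SEVERE' for 'password', 'ERROR' for a common-list match, else None."""
    if hmac.compare_digest(hash_password("password", salt), stored_hash):
        return "SEVERE"
    for candidate in common_passwords:
        if hmac.compare_digest(hash_password(candidate, salt), stored_hash):
            return "ERROR"
    return None

def run_scan(users, common_passwords, super_only, viewer_is_super):
    """super_only=True mirrors the Super User test; False mirrors the All User test."""
    findings = {}
    for user in users:
        if super_only and not user["super"]:
            continue
        severity = classify(user["hash"], user["salt"], common_passwords)
        if severity:
            findings[user["name"]] = severity
    # The scan always runs, but only a super user gets to see what it found.
    return findings if viewer_is_super else {}

def make_user(name, password, is_super):
    salt = os.urandom(16)
    return {"name": name, "salt": salt, "hash": hash_password(password, salt), "super": is_super}

# Constructed sample data (hypothetical users and list, not from the page).
COMMON = ["123456", "qwerty", "letmein"]
USERS = [
    make_user("root_admin", "password", True),
    make_user("ops_admin", "T7#vq9!Lz2@pWx", True),
    make_user("jdoe", "qwerty", False),
    make_user("asmith", "correct horse battery staple", False),
]

if __name__ == "__main__":
    print("Super User test:", run_scan(USERS, COMMON, True, True))
    print("All User test:  ", run_scan(USERS, COMMON, False, True))
    print("Non-super view: ", run_scan(USERS, COMMON, False, False))
```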