Viewing Bad Passwords

Discussion forum for Enterprise Edition.
Post Reply
dunc
Posts: 94
Joined: Mon Oct 24, 2005 11:05 pm
Location: Colorado, USA

Viewing Bad Passwords

Post by dunc » Tue Oct 21, 2014 4:56 pm

I have a customer whose mailbox is apparently being hammered occasionally, it appears to be from his office IP, and every 2-3 seconds. After a few attempts, My policies shut down his mailbox and block that IP for all his other internal employees.

I know IP addresses can be easily spoofed, and was wondering if there is a way to display the wrong password being used in the log file? If i see "pass1234", "pass12345", etc., then I would know for sure this is an automated attack to guess my customer's mailbox password. Of course i would not want any true (matching) passwords to be ever logged.

Post Reply