Recovering (hacking) Notes ID Passwords

Password recovery

If you are an administrator, you should be taking advantage of the Domino password recovery which will allow you to recover passwords for users who forget theirs.

Software to recover passwords

Lotus Notes Key will test various passwords against an id in an attempt to discover the password. The product states that it works on version 4.1 - 6.5 id's. The really important take-away from this is to add some complexity to your passwords. If your password is a dictionary word and your id was available to a hacker, it's very easy to discover that password. Also, if your password is still 'password', you basically do not care about security in your organization.

Add complexity to your password

Alan Lepofsky is one of the top evangelists of Lotus Notes Hints, Tips and Tricks. If you can catch his Lotusphere presentation, it's really eye-opening, even for seasoned developers/admins. He wrote a quick note yesterday with some simple but good ideas for passwords. The simple point was to use phrases rather than simply a single alpha-numeric password.