RE: AD Password complexity - passwords too long?

For a Windows 2003 domain in native mode, the limit is either 128 or
256, I forget which. My administrator password is routinely over 20
characters and I do not have a problem. It is unlikely that you will
have end users with passwords reaching the character limit simply
because it's a pain to type that many characters just to get into a
machine. I wouldn't set a minimum password length less than 8
characters. A password over 15 characters cannot be used for LM or NTLM
authentication. NTLMv2 authentication must be used for these longer
passwords and therefore can be a problem on some older Unix/Linux SMB
servers.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of dgonzalez.itpro@xxxxxxxxx
Sent: Tuesday, May 19, 2009 9:32 AM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: AD Password complexity - passwords too long?

Hello list,

We have password complexities set on our domain; minimum password
length
is 8 and all XP users and Windows 2003 servers.

I can set my password to 9-10 characters, but if I try to set it for
10+
characters, they get the error message that they do not meet the
complexity requirements.

I have searched Microsoft documentation, and find minimum length
requirements. I think I saw something about 28 characters, and even
127
characters.

Does anyone know if there is a max password length?

We would like to keep the minimum 8 characters, and the maximum varied
at
the users discretion. Can this be done?


Thanks

Relevant Pages

  • RE: User cannot change password
    ... Make sure that the password users give meet the complexity requirements. ... access to network resources is to use secure passwords. ... Minimum Password Length sets the minimum number of characters for a ... characters), which is definitely not a good idea. ...
    (microsoft.public.win2000.active_directory)
  • RE: User cannot change password
    ... complexity requirements. ... >access to network resources is to use secure passwords. ... >Minimum Password Length ... >characters), which is definitely not a good idea. ...
    (microsoft.public.win2000.active_directory)
  • Secure Password Policy?
    ... I noticed that "best practice" for Minimum password length policy is ... password if it is less than 8 characters. ... Cross site scripting and other web attacks before hackers do! ...
    (Pen-Test)
  • RE: AD Password complexity - passwords too long?
    ... AD Password complexity - passwords too long? ... I can set my password to 9-10 characters, but if I try to set it for 10+ ... complexity requirements. ... at the users discretion. ...
    (Focus-Microsoft)
  • RE: AD Password complexity - passwords too long?
    ... AD Password complexity - passwords too long? ... We have password complexities set on our domain; minimum password length is 8 and all XP users and Windows 2003 servers. ... I can set my password to 9-10 characters, but if I try to set it for 10+ characters, they get the error message that they do not meet the complexity requirements. ...
    (Focus-Microsoft)