RE: AD Password complexity - passwords too long?

G'day Daniel,

We never recommend that clients use passwords, but passphrases. This way, by including proper case and punctuation, you've automatically complied with the complexity requirements and you've surpassed 14 characters - we suggest a sentence such as "At 3.00 on Friday I need to collect the kids from school." But using a sentence that isn't actually true (ie, this is a great example for a childless employee).

So, with our clients, we've pretty much *all* got passwords that far exceed 10 characters, and for that matter, we set the min password length to 12 on all sites (mainly because with SBS 2003, the SharePoint integration would break if the min password was longer than 12, however using 25+ char passwords works fine - it is the min password length setting that bOrks this integration).

--

http://hiltont.blogspot.com/

Regards,

Hilton Travis Phone: +61 (0)7 3105 9101
(Brisbane, Australia) Phone: +61 (0)419 792 394
Manager, Quark IT http://www.quarkit.com.au
Quark Group http://www.quarkgroup.com.au

Microsoft SBSC PAL (Australia) http://www.sbscpal.com/

War doesn't determine who is right. War determines who is left.


-----Original Message-----
On Behalf Of DG Gmail
Sent: Wednesday, 20 May 2009 04:06

Thank for the replies all...

I have done the test below and still didn't work. I
check to make sure domain GPO's were being applied, and
they are.

As I mentioned minimum password length is 8 characters.

If my password is Myp@sw0rd (as you can see its actually
9) it works ok, but if I try to use Myp@sw0rd1sthis it
does now work. It will not allow me to change it.

I have also check the other requirements ( history,
username in password, etc...)

Could there be a restriction as far as using a special
character more than once?

I have seen the documentaion that states otherwise, but
anything longer than 9-10 characters fails.

*shrug*

Daniel



----- Original Message -----
From: "Brian K. Dore" <bkd@xxxxxxxxxxxxx>
Sent: Tuesday, May 19, 2009 10:50 AM

AD allows 127 characters. I have (progmatically) set
passwords up to this length. Win9x were limited to 14
IIRC. Some people may have incorrectly assumed that the
AD limit is based on the length of the password field in
the interactive dialog box which is something like 28
characters or so, but scrolls when that size is exceeded.
That may explain the erroneous documentation. Try
setting a password to something straightforward for
testing like A1aaaaaaaaaaaaaaaaaa and verify if it's a
length issue or something else.

Brian



-----Original Message-----
On Behalf Of dgonzalez.itpro@xxxxxxxxx
Sent: Tuesday, May 19, 2009 11:32 AM

Hello list,

We have password complexities set on our domain; minimum
password length is 8 and all XP users and Windows 2003
servers.

I can set my password to 9-10 characters, but if I try
to set it for 10+ characters, they get the error message
that they do not meet the complexity requirements.

I have searched Microsoft documentation, and find
minimum length requirements. I think I saw something
about 28 characters, and even 127 characters.

Does anyone know if there is a max password length?

We would like to keep the minimum 8 characters, and the
maximum varied at the users discretion. Can this be
done?


Thanks

This document and any attachments are for the intended recipient only.
It may contain confidential, privileged or copyright material which
must not be disclosed or distributed without prior approval.

Quark Group Pty Ltd :: ABN 23 114 975 772
Trading As Quark AudioVisual, Quark Automation, Quark IT

Relevant Pages

  • Re: _stprintf
    ... Here's the documentation for CreateFile: ... I don't blame Microsoft for not documenting Windows ME but I wonder why they ... "Since you can't use any multibyte encoding in CreateFile," ... to use MAX_PATH Kanji characters to name a file. ...
    (microsoft.public.vc.mfc)
  • Re: XmlTextWriter Encodes HTML Entities?
    ... as XML, ... Most of us and most documentation including W3C documentation define & ... as an HTML character entity. ... specific text characters as HTML character entities. ...
    (microsoft.public.dotnet.xml)
  • Re: Protecting the Operating System
    ... According to its documentation, the password is up ... The initial password after the installation of CompuSec is ... The user ID must be 1 to 16 characters long. ...
    (alt.computer.security)
  • Re: using word.application in VB
    ... >I am trying to extract the characters from a word document within a VB6 app ... > then trying to access the character array. ... > Can someone point me at the documentation i need or tell me how to extract ...
    (microsoft.public.vb.general.discussion)
  • RE: difficulties with utf-8 characters using DBD::Oracle, where works using DBD::Pg (PostgreSQL) -
    ... DBD::Oracle 1.16, which explained the weird behavior of Oracle with plain ... > and read the documentation about unicode carefully. ... >> special characters. ... >> EOF ...
    (perl.dbi.users)
Quantcast