Re: Complex password with special character

---

• From: Meinolf Weber
• Date: Fri, 25 Jan 2008 17:24:39 +0000 (UTC)

---

Hello Jon,

Passwords must meet complexity requirements determines whether password complexity is enforced. If this setting is enabled, user passwords meet the following requirements:

The password is at least six characters long.

The password contains characters from at least three of the following five categories:

English uppercase characters (A - Z)

English lowercase characters (a - z)

Base 10 digits (0 - 9)

Non-alphanumeric (for example: !, $, #, or %)

Unicode characters


The password does not contain three or more characters from the user's account name.

If the account name is less than three characters long, this check is not performed because the rate at which passwords would be rejected is too high. When checking against the user's full name, several characters are treated as delimiters that separate the name into individual tokens: commas, periods, dashes/hyphens, underscores, spaces, pound-signs, and tabs. For each token that is three or more characters long, that token is searched for in the password; if it is present, the password change is rejected. For example, the name "Erin M. Hagens" would be split into three tokens: "Erin", "M", and "Hagens". Because the second token is only one character long, it would be ignored. Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password. All of these checks are case-insensitive.

These complexity requirements are enforced upon password change or creation of new passwords. It is recommended that you enable this setting.



Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Hi!

Is is possible to enforce the password complexity with special
character? Active Directory should not accept any passsword without a
single special charater.

Regards.

.

---

• Prev by Date: Re: Complex password with special character
• Next by Date: Annoying spyware popups? Help!
• Previous by thread: Re: Complex password with special character
• Next by thread: RE: Complex password with special character
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: User cannot change password ... Make sure that the password users give meet the complexity requirements. ... access to network resources is to use secure passwords. ... Minimum Password Length sets the minimum number of characters for a ... characters), which is definitely not a good idea. ... (microsoft.public.win2000.active_directory) Re: Password Complexity issue ... "Password must meet complexity requirements" means that at the same time: ... characters ... > Account is disabled orginally. ... > Maximum password age 120 days ... (microsoft.public.windows.server.active_directory) RE: Password complexity - improvement ... complexity requirements, and you knew the first three characters were ... were Aa1 in order to only try special characters for the 4th. ... even complexity requirements can't replace user education. ... (Focus-Microsoft) RE: User cannot change password ... complexity requirements. ... >access to network resources is to use secure passwords. ... >Minimum Password Length ... >characters), which is definitely not a good idea. ... (microsoft.public.win2000.active_directory) RE: User creation - password policy rejection ... When you set the Passwords must meet complexity requirements policy setting, ... Your password must be at least x characters; ... I've disabled Password Complexity option under Domain Security and Domain ... (microsoft.public.windows.server.active_directory)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(12)