Re: NT4 password limited to 14 characters ?

The practical matter is, you don't.

And I gotta say this--that NT 4 domain should be upgraded to Windows Server 2003 as soon as possible. NT 4 support ended a very long time ago.

Steve Riley
steve.riley@xxxxxxxxxxxxx
http://blogs.technet.com/steriley


<jwgoerlich@xxxxxxxxx> wrote in message news:1185190916.601875.117430@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Fair enough. That still begs the question: how does Pascal, the OP,
enable passwords of more than 14 characters on a Windows NT4 domain?

J Wolfgang Goerlich

On Jul 21, 11:10 pm, "Steve Riley [MSFT]" <steve.ri...@xxxxxxxxxxxxx>
wrote:
There are two hashes:
* LM
* NT

There are four authentication methods:
* LM
* NTLM
* NTLMv2
* Kerberos

Here's how they relate:
* LM authentication uses the LM hash
* NTLM, NTLMv2, and Kerberos all use the NT hash

(It's incorrect to say "NTLM" or "NTLMv2" hash.)

LM hashes (and it's really a stretch to call them "hashes") are generated
only if both of these are true:
* You haven't disabled LM hash generation
* Your password length is 14 characters or less

In NT 4.0, the User Manager wouldn't permit you to enter a password longer
than 14 characters. Windows 2000 and higher permit entering a password up to
127 characters; the actual maximum length is 255 characters.

If, however, you meet a certain, ah, esoteric set of requirements, your
minimum length must be at least 18,770 characters. :) Actually, that's a UI
bug described inhttp://support.microsoft.com/kb/q276304/. Still, it's
funny.

Steve Riley
steve.ri...@xxxxxxxxxxxxxxxxx://blogs.technet.com/steriley


.

Relevant Pages

  • Re: NT4 password limited to 14 characters ?
    ... Then I have changed my password through usrmgr to a classic password just for testing that the LM hash is not yet used. ... Actually it is not possible for this company to upgrade the NT4 domain to AD 2003. ... The "big" problem of this situation is that we have to communicate to users that they have to set up a password with a minimal password length of 9 characters AND a maximum password length of 14 :-( ... I have already read that it is a GUI limitation of usrmgr but I have also tried to set up the password through the net user command and through a windows 2000 SP4 member of the NT4 domain but with no success. ...
    (microsoft.public.windows.server.security)
  • Re: NT4 password limited to 14 characters ?
    ... It is not possible to disable the LM Hash on an NT4 computer. ... Now, if I am right with what I said above, why is it possible to define an LMCompatibilityLevel to 5 if the NT4 does not support it? ... Even if I think I will finally bypass the problem by limiting the password synchronization through MIIS only for specific users (that will limit only those users with a 14 characters password length), I really would like to understand how does it work on NT4:) ... I have already read that it is a GUI limitation of usrmgr but I have also tried to set up the password through the net user command and through a windows 2000 SP4 member of the NT4 domain but with no success. ...
    (microsoft.public.windows.server.security)
  • [Full-disclosure] Re: What A Click! [Internet Explorer]
    ... > tell your windows to open .HTA files in notepad. ... > (since there are more ways to cover windows with malicious lookalikes). ... >> Using custom Microsoft Agent characters it is possible to cover any kind ... including security or download dialogs. ...
    (Full-Disclosure)
  • Re: How many bytes per Italian character?
    ... yes I know how to ask Windows CE how big a buffer I'm going to need. ... and characters in Italian are the same size as characters in English, ... So have you detected that WinCE will cause a buffer overrun? ... It is not an error to tell you a string might be longer than it actually ...
    (microsoft.public.vc.mfc)
  • Re: get wide character and multibyte character value
    ... How do you think the characters which requires more than 16-bit in UTF-16, ... it is why I think Windows has limitations to ... later added support for surrogate pairs, so what you see could depend ... Most of my code is handling text as UTF-8. ...
    (microsoft.public.vc.language)