I have done the test below and still didn't work. I check to make sure
domain GPO's were being applied, and they are.
As I mentioned minimum password length is 8 characters.
If my password is Myp@sw0rd (as you can see its actually 9) it works ok, but
if I try to use Myp@sw0rd1sthis it does now work. It will not allow me to
change it.
I have also check the other requirements ( history, username in password,
etc...)
Could there be a restriction as far as using a special character more than
once?
I have seen the documentaion that states otherwise, but anything longer than
9-10 characters fails.
*shrug*
Daniel
----- Original Message -----
From: "Brian K. Dore" <bkd (at) louisiana (dot) edu [email concealed]>
To: <dgonzalez.itpro (at) gmail (dot) com [email concealed]>; <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Tuesday, May 19, 2009 10:50 AM
Subject: RE: AD Password complexity - passwords too long?
> AD allows 127 characters. I have (progmatically) set passwords up to this
> length. Win9x were limited to 14 IIRC. Some people may have incorrectly
> assumed that the AD limit is based on the length of the password field in
> the interactive dialog box which is something like 28 characters or so,
> but scrolls when that size is exceeded. That may explain the erroneous
> documentation. Try setting a password to something straightforward for
> testing like A1aaaaaaaaaaaaaaaaaa and verify if it's a length issue or
> something else.
>
> Brian
>
>
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> On Behalf Of dgonzalez.itpro (at) gmail (dot) com [email concealed]
> Sent: Tuesday, May 19, 2009 11:32 AM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: AD Password complexity - passwords too long?
>
> Hello list,
>
> We have password complexities set on our domain; minimum password length
> is 8 and all XP users and Windows 2003 servers.
>
> I can set my password to 9-10 characters, but if I try to set it for 10+
> characters, they get the error message that they do not meet the
> complexity requirements.
>
> I have searched Microsoft documentation, and find minimum length
> requirements. I think I saw something about 28 characters, and even 127
> characters.
>
> Does anyone know if there is a max password length?
>
> We would like to keep the minimum 8 characters, and the maximum varied at
> the users discretion. Can this be done?
>
>
> Thanks
I have done the test below and still didn't work. I check to make sure
domain GPO's were being applied, and they are.
As I mentioned minimum password length is 8 characters.
If my password is Myp@sw0rd (as you can see its actually 9) it works ok, but
if I try to use Myp@sw0rd1sthis it does now work. It will not allow me to
change it.
I have also check the other requirements ( history, username in password,
etc...)
Could there be a restriction as far as using a special character more than
once?
I have seen the documentaion that states otherwise, but anything longer than
9-10 characters fails.
*shrug*
Daniel
----- Original Message -----
From: "Brian K. Dore" <bkd (at) louisiana (dot) edu [email concealed]>
To: <dgonzalez.itpro (at) gmail (dot) com [email concealed]>; <focus-ms (at) securityfocus (dot) com [email concealed]>
Sent: Tuesday, May 19, 2009 10:50 AM
Subject: RE: AD Password complexity - passwords too long?
> AD allows 127 characters. I have (progmatically) set passwords up to this
> length. Win9x were limited to 14 IIRC. Some people may have incorrectly
> assumed that the AD limit is based on the length of the password field in
> the interactive dialog box which is something like 28 characters or so,
> but scrolls when that size is exceeded. That may explain the erroneous
> documentation. Try setting a password to something straightforward for
> testing like A1aaaaaaaaaaaaaaaaaa and verify if it's a length issue or
> something else.
>
> Brian
>
>
>
> -----Original Message-----
> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
> On Behalf Of dgonzalez.itpro (at) gmail (dot) com [email concealed]
> Sent: Tuesday, May 19, 2009 11:32 AM
> To: focus-ms (at) securityfocus (dot) com [email concealed]
> Subject: AD Password complexity - passwords too long?
>
> Hello list,
>
> We have password complexities set on our domain; minimum password length
> is 8 and all XP users and Windows 2003 servers.
>
> I can set my password to 9-10 characters, but if I try to set it for 10+
> characters, they get the error message that they do not meet the
> complexity requirements.
>
> I have searched Microsoft documentation, and find minimum length
> requirements. I think I saw something about 28 characters, and even 127
> characters.
>
> Does anyone know if there is a max password length?
>
> We would like to keep the minimum 8 characters, and the maximum varied at
> the users discretion. Can this be done?
>
>
> Thanks
[ reply ]