Re: Password requirements

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Laura E. Hunter \(MVP\) (hunter(nospamplease)_at_sfs.upenn.edu)
Date: 04/26/04 

Date: Mon, 26 Apr 2004 12:33:02 -0400

The default password-complexity settings in Windows 2000 are as follows:

Computer Configuration\Windows Settings\Security Settings\Account
Policies\Password Policy

Determines whether passwords must meet complexity requirements.

By default, this setting is disabled in the Default Domain Group Policy
object (GPO) and in the local security policy of workstations and servers.

If this policy is enabled, then passwords must meet the minimum requirements
described in the Notes section.

Notes

The default password filter (passfilt.dll) included with Windows 2000
requires that a password:

  a.. Does not contain all or part of the user's account name
  b.. Is at least six characters in length
  c.. Contains characters from three of the following four categories:
    a.. English upper case characters (A..Z)
    b.. English lower case characters (a..z)
    c.. Base 10 digits (0..9)
    d.. Nonalphanumeric (For example, !,$#,%)
Complexity requirements are enforced upon password change or creation.

For the difference between 5 and 6 characters, I'd use the defaults for the
sake of simplicity. If you want to create a custom password filter, you'll
need the Microsoft Platform SDK - poke around http://msdn.microsoft.com for
details. 

-- 
******************************
Laura E. Hunter - MCSE, MCT, MVP
Replies to newsgroup only
"Brian Henry" <brianiupmsdn@newsgroups.nospam> wrote in message 
news:O9l9Dc6KEHA.3472@TK2MSFTNGP11.phx.gbl...
> Hi,
>
> How can you do this in windows 2000? We want something similar to the high
> security password in windows, but with out all the requirements... all we
> want is the user must have at least 5 alpha characers (A-Z,a-z) and at 
> least
> one number (0-9), special characters are not required, but are allowed. 
> how
> would we set that up? thanks
>
>
>

Relevant Pages

  • Re: GPO - password policy - Urgent
    ... That is curious that you are having a problem with Windows 98 since I would ... think Windows 98 would work with any password up to 14 characters but I ... for Windows 2003 domain controllers in either Local Security Policy ...
    (microsoft.public.windows.server.security)
  • RE: User creation - password policy rejection
    ... When you set the Passwords must meet complexity requirements policy setting, ... Your password must be at least x characters; ... I've disabled Password Complexity option under Domain Security and Domain ...
    (microsoft.public.windows.server.active_directory)
  • Win XP Pro Reset password error!
    ... I have a WinXP Pro that is a member of a Windows 2003 AD. ... Control Policy and the Domain Policy for Password set to minimum of 4 ... "Your password must be at least 4 characters and cannot repeat of your ...
    (microsoft.public.windows.server.security)
  • Re: Win XP Pro Reset password error!
    ... configured policy - and you're trying to enter password less than 4 ... > Control Policy and the Domain Policy for Password set to minimum of 4 ... > characters long with zero password kept in history. ... > to the Windows XP clients before joining them to the W2003 domain. ...
    (microsoft.public.windows.server.security)
  • Password Policy "1 days old" problem
    ... I need some help in figuring out how to administer password policy. ... I have a brand-new AD machine (Windows 2003 Server Enterprise freshly ... Minimum Password Length 0 Characters ...
    (microsoft.public.windows.server.active_directory)