Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Granular Password Policy

Status
Not open for further replies.
lwinstead

lwinstead

IS-IT--Management
Feb 4, 2002
157
US
I've got a Windows 2003 domain controller and I'm wondering if there's a way to set a password policy that will enforce alphanumeric passwords, at least 5 characters in length. The "complexity" policy isn't what I want, because you're forced to have passwords at least 7 characters long, and they've got to be both uppercase and lowercase and have numbers. Any ideas for a more granular policy approach?

<<<<[flux]>>>>
 
Sort by date Sort by votes
mlichstein,

Thanks for the answer. I'm sure people have done it before, but off-the-bat it sounds too involving for me. I think I'll just post more messages and walk around with an angry face before attempting to re-write the passfilt.dll. Thanks again. (On the off chance that I ever -do- want to re-write it, do you know how?)

<<<<[flux]>>>>
 
Upvote 0 Downvote
I know you don't want to hear this but even 7 characters isn't enough, you can crack them in seconds/minutes. You should encourage your users to use passphrases not passwords (e.g. "My dogs name is R0ver"), they're easy to remember and a lot more secure if over 14 characters.

Password complexity enforces 6 character password minimum anyway doesn't it? For the sake of 1 character I wouldn't create a custom passfilt.dll...
 
Upvote 0 Downvote
NickFerrar,

I totally agree with you 100% on your comment about security, however an IT Manager must balance the status quo with emerging risks and security concerns. There's no way I'm angering my users (including my boss and the owner) by forcing 15 character passwords with heavy complexity when they've been making due with virtually OPTIONAL passwords. However, I'd like to point out the whole point of my original question, which is that I'm trying to finally enforce stricter passwords, with at least -some- level of complexity.

And no, you're incorrect; the complexity policy enforces 7 characters, plus both uppper- and lower-case letters, plus numbers. (Or am I wrong about both upper- and lower-case?)

<<<<[flux]>>>>
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
302
strongm
strongm
penguinroundup
  • Locked
  • Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
327
penguinroundup
penguinroundup
TECHMAN007
  • Locked
  • Question
RD Web Password Change
Replies
0
Views
232
TECHMAN007
TECHMAN007
rrmcguire
  • Locked
  • Question
group policy to set dns
Replies
2
Views
434
rrmcguire
rrmcguire
RdFromK
  • Locked
  • Question
GroupPolicy error 1065 with Windows SBS CSE Policy
Replies
2
Views
437
RdFromK
RdFromK

Part and Inventory Search

Sponsor

Back
Top