Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Password Complexity

Group Policy Objects

Password Complexity

by  GlenJohnson  Posted    (Edited  )
There has been a bit of confusion over the years surrounding Microsoft's password complexity requirements. Located in Computer Configuration/Windows Settings/Account Policies/Password Policy, this setting (Passwords must meet complexity requirements of the installed filter), is disabled by default. When you enable this, the passwords must meet the following requirements.
1)Cannot contain any or all of the users name.
2)Must be at least 6 characters.
3)Must contain characters from 3 of the following catagories.
A)Uppercase english letters, (A to Z)
B)Lowercase english letters, (a to z)
C)Number 0 to 9
D)Nonalphanumeric characters, (!, @, #, $, etc.)
The reluctance to use the complexity rule stems partly from people thinking it's to complex. Nothing is further from the truth. Id6b@n is a prime example of an easy to remember password.
I=I
d=drink
6=six
b=beers
@=at
n=night
Id6b@n = I drink six beers at night. Simple.
Mi1omfs = Mash is one of my favorite shows.
GDrb#4# = Great Danes are big pound for pound. (The dogs that is.)
So, password complexity isn't all that hard to use after all. Password complexity = password simplicity. You can also change the settings for
Enforce Password History.
Maximum password age.
Minimum password age.
Minimum password length.
Store passwords using reversible encryption for all users in the domain.
in Computer Configuration/Windows Settings/Account Policies/Password Policy.
Go ahead with it, have fun.

Register to rate this FAQ  : BAD 1 2 3 4 5 6 7 8 9 10 GOOD
Please Note: 1 is Bad, 10 is Good :-)

Part and Inventory Search

Back
Top