Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Password Length and Group Policy

Status
Not open for further replies.
pachucos

pachucos

MIS
Nov 21, 2002
38
0
0
US
I was wondering if there is a way to make group policy force a min length of users passwords to more than 16 characters? I have it set to 14 right now but that is the highest that gp will allow. I want my users to use 16 or more characters in thier passwords. What I am really looking for is a update that would allow that.
thanks in advance.
 
Sort by date Sort by votes
Password length is a domain wide setting. It needs to be set via GPO on the domain.

Denny

--Anything is possible. All it takes is a little research. (Me)

[noevil]
 
Upvote 0 Downvote
I know that but I want to force users to have at least a 16 character password. GP will only go as high as 14 characters.
 
Upvote 0 Downvote
thanks,
the reasoning is due to the lanman hash. it is 7 characters hash. and if you have a 13 character password. it gets broken up as two 7 characters hashs. so if I made them use 16 characters the has wouldnt be broken up. just a thought.
 
Upvote 0 Downvote
If you set the encryption level above that level it won't store the passwords in the LANMAN hash. At the moment I can't remember where the setting it. Passwords that are forced to be that long will be very hard for users to remember.

Data shows that it is easiest for people to remember 7 digit strings. Hence the 7 digit phone number in the U.S.

Denny

--Anything is possible. All it takes is a little research. (Me)

[noevil]
 
Upvote 0 Downvote
AD supports passwords up to 128 characters (I think, it may be 256), but the GUI has the 14 character limit, due the lanman hash mentioned above.
 
Upvote 0 Downvote
I have users that can't remember 4 digit passwords. I try to make them remember passpharases. it makes it kinda easier. and that is also why i wnat 16 characters so the lanman hash won't be stored.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
53
strongm
strongm
bechna
  • Locked
  • Question
Windows Server and VPN Setup
Replies
1
Views
62
DrB0b
DrB0b
penguinroundup
  • Locked
  • Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
51
penguinroundup
penguinroundup
TECHMAN007
  • Locked
  • Question
RD Web Password Change
Replies
0
Views
39
TECHMAN007
TECHMAN007
rrmcguire
  • Locked
  • Question
group policy to set dns
Replies
2
Views
75
rrmcguire
rrmcguire

Part and Inventory Search

Sponsor

Back
Top