AD and other password dialog fields (for example, mmc snap-ins) will only allow an input of 127 caracters, but Windows will accept up to a 256-character limit on passwords without a problem. Unfortunately, the only way to set that length would be programitically,
If I remember correctly, for organizations with users that have "smart card required for interactive logon" AD will randomized and change that user's password to fit in that 256-character string space. On 5/19/09, Brian K. Dore <[email protected]> wrote: > AD allows 127 characters. I have (progmatically) set passwords up to this > length. Win9x were limited to 14 IIRC. Some people may have incorrectly > assumed that the AD limit is based on the length of the password field in > the interactive dialog box which is something like 28 characters or so, > but scrolls when that size is exceeded. That may explain the erroneous > documentation. Try setting a password to something straightforward for > testing like A1aaaaaaaaaaaaaaaaaa and verify if it's a length issue or > something else. > > Brian > > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of [email protected] > Sent: Tuesday, May 19, 2009 11:32 AM > To: [email protected] > Subject: AD Password complexity - passwords too long? > > Hello list, > > We have password complexities set on our domain; minimum password length > is 8 and all XP users and Windows 2003 servers. > > I can set my password to 9-10 characters, but if I try to set it for 10+ > characters, they get the error message that they do not meet the > complexity requirements. > > I have searched Microsoft documentation, and find minimum length > requirements. I think I saw something about 28 characters, and even 127 > characters. > > Does anyone know if there is a max password length? > > We would like to keep the minimum 8 characters, and the maximum varied at > the users discretion. Can this be done? > > > Thanks > -- Anthony Petito
