While there has been great information in this thread about password management, it doesn't really seem to be answering the original question, which is why is there an error being generated for passwords of more than 10 characters.
Dgonzalez, the first thing I would suggest is to try a completely randomly generated password of 12 characters, to insure that you are not reusing a previous password that my be disallowed due to password history requirements. I'm not sure if I saw this suggestion as a test in a previous email. Additional, it is possible for a non-default password filter to be added to a system for password management. Check the following registry key for non-default filters: HKLM\System\CurrentControlSet\Control\LSA\Notification Packages A changed password filter would be standard in a federal system, and is covered by the DISA STIG for Windows systems. Hopefully this helps. Jason Hurst Sr. Network Security Administrator Panda Restaurant Group [email protected] Please consider the environment before printing this email -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Torsten Pihl Sent: Tuesday, May 19, 2009 7:41 PM To: [email protected] Cc: [email protected] Subject: Re: AD Password complexity - passwords too long? Hi, I'm just mentioning this in passing, assuming you already found the answer in the Group Policy thingy. Pass phrase length is far more superior than complexity. Password complexity encourages folks to write their passwords down. Suboptimal. Pass phrases are easy to remember and resistant to password crackers. Ja, Torsten On Tue, May 19, 2009 at 09:32, <[email protected]> wrote: > Hello list, > > We have password complexities set on our domain; minimum password length is 8 and all XP users and Windows 2003 servers. > > I can set my password to 9-10 characters, but if I try to set it for 10+ characters, they get the error message that they do not meet the complexity requirements. > > I have searched Microsoft documentation, and find minimum length requirements. I think I saw something about 28 characters, and even 127 characters. > > Does anyone know if there is a max password length? > > We would like to keep the minimum 8 characters, and the maximum varied at the users discretion. Can this be done? > > > Thanks >
