Unfortunately, this is not so simple to implement. You can use the 'store passwords using reversible encryption' option, so that AD has an option to check the original password against the new requirements. But that does mean that somewhere, the plaintext of the user's password is available.
Cheers Ken -----Original Message----- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, 27 August 2010 12:05 AM To: NT System Admin Issues Subject: Re: Minimum password length GPO On Thu, Aug 26, 2010 at 11:40 AM, Jeff Steward <jstew...@gmail.com> wrote: > True, but short of running password audit tools it is the only way to > guarantee that all users meet the new complexity requirement. Oh, absolutely. I'm just saying it might be useful to have an additional option for password policy, where the system would check an accepted password at logon and force a change if the password does not meet current policy. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~