Step 2 : Find and open the policy called " Minimum password length ". Step 3 : Enter a number between 0 and 14, and click OK in the "Minimum password length Properties" dialog. For example, if you want the least number of characters that a user password must contain to be six, you can input 6 in the box.
Tip : 0 means no password is required, which enables you to create a blank user password. Passwords that contain only alphanumeric characters are easy to discover with several publicly available tools. Configure the Passwords must meet complexity requirements policy setting to Enabled and advise users to use a variety of characters in their passwords. When combined with a Minimum password length of 8, this policy setting ensures that the number of different possibilities for a single password is so great that it's difficult but possible for a brute force attack to succeed.
If the Minimum password length policy setting is increased, the average amount of time necessary for a successful attack also increases. If the default configuration for password complexity is kept, more Help Desk calls for locked-out accounts could occur because users might not be used to passwords that contain non-alphabetical characters, or they might have problems entering passwords that contain accented characters or symbols on keyboards with different layouts.
However, all users should be able to follow the complexity requirement with minimal difficulty. If your organization has more stringent security requirements, you can create a custom version of the Passfilt. For example, a custom password filter might require the use of non-upper-row symbols. Upper-row symbols are those symbols that require you to press and hold the SHIFT key and then press any of the keys on the number row of the keyboard, from 1 through 9 and 0.
A custom password filter might also perform a dictionary check to verify that the proposed password doesn't contain common dictionary words or fragments. However, such stringent password requirements might result in more Help Desk requests. Alternatively, your organization could consider a requirement for all administrator passwords to use ALT characters in the — range.
ALT characters outside of this range can represent standard alphanumeric characters that wouldn't add more complexity to the password. Skip to main content. This browser is no longer supported. Download Microsoft Edge More info. Contents Exit focus mode. Is this page helpful? Please rate your experience Yes No. Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
This security policy reference topic for the IT professional describes the best practices, location, values, and security considerations for this policy setting. The Passwords must meet complexity requirements policy setting determines whether passwords must meet a series of guidelines that are considered important for a strong password. Enabling this policy setting requires passwords to meet the following requirements:.
Both checks are not case sensitive. The samAccountName is checked in its entirety only to determine whether it is part of the password. If the samAccountName is less than three characters long, this check is skipped.
The displayName is parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the displayName is split and all parsed sections tokens are confirmed to not be included in the password.
Tokens that are less than three characters are ignored, and substrings of the tokens are not checked. For example, the name "Erin M. Hagens" is split into three tokens: "Erin", "M", and "Hagens". Because the second token is only one character long, it is ignored.
Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password. Uppercase letters of European languages A through Z, with diacritic marks, Greek and Cyrillic characters. Lowercase letters of European languages a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters. Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.
0コメント