Solved

Customize password complexity requirements

Posted on 2014-03-06
3
260 Views
Last Modified: 2014-03-24
I want to change the password complexity requirements.
For example, I need use password:

8 lenght characters,
Required just numbers and letters lowercase or uppercase.
No allow account name
No allow my organization name
0
Comment
Question by:soporte_synergy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Expert Comment

by:Zac Harris
ID: 39909718
Normally you would use Group Policy to accomplish this.

Here is some info for you...

from: Microsoft

1.Open Active Directory Users and Computers.

2.In the console tree, right-click the domain or organizational unit that you want to set Group Policy for.

3.Click Properties, and then click the Group Policy tab.

4.Click an entry in Group Policy Object Links to select an existing Group Policy object (GPO), and then click Edit. You can also click New to create a new GPO, and then click Edit.

5.In the console tree, click Password Policy (Group Policy Object [computer name] Policy/Computer Configuration/Windows Settings/Security Settings/Account Policies/Password Policy)

6.In the details pane, right-click the policy setting that you want, and then click Properties.

7.If you are defining this policy setting for the first time, select the Define this policy setting check box.

8.Select the options that you want, and then click OK.

You will want to set: Password must meet complexity requirements and Minimum password length
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 39910683
you will need a 3rd party tool to enforce what you want.  The built in solution does not have those options.

What password complexitiy does support is:

1. Not contain significant portions of the user's account name or full name.

Actually:
We look at the entire Account Name and the Full Name. We ensure that the Password does not contain the entire name of either. We also parse through the Account Name and Full Name for delimiters: commas, periods, dashes/hyphens, underscores, spaces, pound-signs and tabs. If any are found, the Account Name or Full Name are split and all sections are verified not to be included in the password. We do not check for any character or any three characters in succession.

From this Technet article:
2. Be at least six characters in length.

Actually:
Password complexity does NOT check password length.

From this Technet article:
3. Contain characters from three of the following four categories:

    English uppercase characters (A through Z)
    English lowercase characters (a through z)
    Base 10 digits (0 through 9)
    Non-alphabetic characters (for example, !, $, #, %)

Actually:
It is three of 5 categories. The four categories listed above and a catch-all category of any Unicode character that does not fall under the above four categories. This fifth category can be regionally specific.

https://blogs.technet.com/b/askds/archive/2009/05/19/understanding-password-policies.aspx

You can use fine-grained password policy if you need different policies for different accounts.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39911919
And for a product recommendation:
http://anixis.com/products/ppe/ can do all that and much more. Simple, easy to learn, (for me) so far bug free and worth the money.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Nathan Brom/Bromy2004 Introduction There are numerous websites out there for any different type of program you can imagine.  Of those, you'll need to decide which ones are legitimate and aren't trying to steal your money or infect your comput…
This article covers how to install the Microsoft Windows Operating System (OS). What is covered in this article:  > Different Versions and Editions of the Windows OS  > Upgrading versus Fresh Installation of the OS           - Steps to take pr…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question