Link to home
Start Free TrialLog in
Avatar of kfasick
kfasickFlag for United States of America

asked on

Windows 2008 not taking complex passwords

I have a Windows 2008 server as the DC and setup a password policy.  I've set history to 5 remembered, Max password age to 90 days, minimum age to 0, minimum length to 8 characters, set complexity requirement and store password using reversible encryption.  When ever the user tries to change their password, Windows says it don't meet the minimum requirements.  I've even tried complex password generators  generating password way beyond the requirements, and Windows still states the password is no good.  Please help, end users are getting mad.
SOLUTION
Avatar of Cliff Galiher
Cliff Galiher
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of kfasick

ASKER

Yes, I'm using the default domain policy.  So if I use the "reversible encryption" I can't use the complex password rule?
"Can't?" I don't think the system actually blocks you. But the reversible encryption has been around since NT4 and is all but worthless. If you use it, having co pled passwords does no good as anybody can simply reverse the password and get it, no matter how complex. It is a terrible settings to turn on inkless you have a valid business case to do so, and even then, should be done in an isolated environment and only for that specific purpose.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial