Solved

Set Server 2012 AD password requirements to be a combination of all 4 requirements

Posted on 2016-09-12
2
122 Views
Last Modified: 2016-09-14
A certain client would like to make it so that user Active Directory passwords have to contain characters from all four (not just three) of the following four categories (see the screenshot):

-English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Base 10 digits (0 through 9)
- Non alphabetic characters (for example, !, $, #, %)

Is there a way of making it so that all Active Directory account passwords must contain characters from all 4 of these categories (instead of simply requiring only three out of the four)?

Password complexity requirements
0
Comment
Question by:Knowledgeable
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 41

Accepted Solution

by:
Adam Brown earned 250 total points
ID: 41794520
You would have to utilize third party applications to accomplish this. Password complexity requirements are controlled by what is called a Password Filter, which is written and compiled as a DLL file that is installed on all systems that require increased or decreased password complexity requirements. You could potentially create your own password filter, but this is more complex and potentially dangerous than is warranted. https://anixis.com/default.htm has a good third party solution for allowing better customization of password policies, but in general, you're more or less stuck with what is described there when using just Windows.
0
 
LVL 55

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 41794595
I agree. Let me add: requiring all four makes, from the perspective of an attacker who is aware of this, a brute force attack easier, not harder. See http://openwall.info/wiki/john/policy
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question