Solved

Set Server 2012 AD password requirements to be a combination of all 4 requirements

Posted on 2016-09-12
2
78 Views
Last Modified: 2016-09-14
A certain client would like to make it so that user Active Directory passwords have to contain characters from all four (not just three) of the following four categories (see the screenshot):

-English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Base 10 digits (0 through 9)
- Non alphabetic characters (for example, !, $, #, %)

Is there a way of making it so that all Active Directory account passwords must contain characters from all 4 of these categories (instead of simply requiring only three out of the four)?

Password complexity requirements
0
Comment
Question by:Knowledgeable
2 Comments
 
LVL 39

Accepted Solution

by:
Adam Brown earned 250 total points
ID: 41794520
You would have to utilize third party applications to accomplish this. Password complexity requirements are controlled by what is called a Password Filter, which is written and compiled as a DLL file that is installed on all systems that require increased or decreased password complexity requirements. You could potentially create your own password filter, but this is more complex and potentially dangerous than is warranted. https://anixis.com/default.htm has a good third party solution for allowing better customization of password policies, but in general, you're more or less stuck with what is described there when using just Windows.
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 41794595
I agree. Let me add: requiring all four makes, from the perspective of an attacker who is aware of this, a brute force attack easier, not harder. See http://openwall.info/wiki/john/policy
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question