Recently I found a problem with a password of a user on Windows Server 2003:
The Following error occurred while attempting to set the password for user XXX The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements.
But... I thought my password was secure!! Just to give an example, it was something like $12Rjdio34& . Uppercase and lowercase letters, numbers, symbols, it's the first password for the user, WTF???
It turned out that Windows Server 2003, by default, has an extra security requirement: the password cannot contain any kind of reference to all or part of the user name.
Here is the most comprehensive list of requirements I found:
The default password filter (Passfilt.dll) included with Windows Server 2003 requires that a password:
- Is not based on the user’s account name.
- Contains at least six characters.
- Contains characters from three of the following four categories:
  - Uppercase alphabet characters (A–Z)
  - Lowercase alphabet characters (a–z)
  - Arabic numerals (0–9)
  - Nonalphanumeric characters (for example, !$#,%)
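
The rules listed above as a small checker, added here as an illustration (it is not Passfilt.dll's code and not part of the original post). The page does not spell out how the filter matches "part of the user name", so the sketch assumes a case-insensitive substring match against the account name and against full-name tokens of three or more characters; all names used are constructed.

```python
import re
import string

# Delimiters used to split a full name into tokens (assumption for this sketch).
_DELIMS = r"[,\.\-_ #\t]+"

def name_fragments(account_name, full_name=""):
    """Return lowercase name pieces that must not appear in the password."""
    frags = set()
    if len(account_name) >= 3:          # assumption: very short names are not checked
        frags.add(account_name.lower())
    for token in re.split(_DELIMS, full_name):
        if len(token) >= 3:
            frags.add(token.lower())
    return frags

def check_password(password, account_name, full_name="", min_length=6):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    lowered = password.lower()
    for frag in sorted(name_fragments(account_name, full_name)):
        if frag in lowered:
            problems.append(f"contains name fragment {frag!r}")
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    categories = {
        "uppercase": any(c in string.ascii_uppercase for c in password),
        "lowercase": any(c in string.ascii_lowercase for c in password),
        "digit": any(c in string.digits for c in password),
        "symbol": any(not c.isalnum() for c in password),
    }
    hit = [name for name, present in categories.items() if present]
    if len(hit) < 3:
        problems.append(f"only {len(hit)} of 4 character categories: {hit}")
    return problems

if __name__ == "__main__":
    # Constructed inputs: "rjdio" / "Rita Jdio" and "asmith" / "Ann Smith" are hypothetical.
    for pw, acct, full in [
        ("$12Rjdio34&", "rjdio", "Rita Jdio"),   # strong-looking, but embeds the name
        ("$12Rjdio34&", "asmith", "Ann Smith"),  # same password, unrelated user
        ("abcdef", "asmith", "Ann Smith"),       # long enough, one category only
    ]:
        print(f"{pw!r} for {acct!r}: {check_password(pw, acct, full) or 'OK'}")
```

The same password passes for one account and fails for another, which is why a password that looks strong on its own can still be rejected.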
To change the default behaviour (and for reference) see: