Announcement

Collapse
No announcement yet.

Password complexity

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Password complexity

    I have a quick question. if I remove password complexity from a domain controller(2008 R2 server running in 2003 mode), setup a password that does not meet password complexity (instead of 8 characters it is 6) and enable password complexity will AD still let me use the non complex password?

    Sorry for that horribly structured question.

  • #2
    Re: Password complexity

    Yes it will.

    Comment


    • #3
      Re: Password complexity

      Thanks.

      Wanted some advice before I "played"

      Comment


      • #4
        Re: Password complexity

        IT worked thanks.

        FYI just as a bit of advice that I'm sure everyone is aware of.....

        I had a default domain policy and a domain controller policy. The 8 password rule was enabled on both.

        Changed it on both. did a gpdate /force and was able to change the password.

        Enabled the policy and was still able to log in with it as a 6 character password even though the complexity was set to 8.

        Comment


        • #5
          Re: Password complexity

          Password policies at anything other than the domain level (OK, and local) do not apply, so the default domain controller GPO setting is a red herring
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: Password complexity

            Originally posted by sajustice View Post
            IT worked thanks.

            FYI just as a bit of advice that I'm sure everyone is aware of.....

            I had a default domain policy and a domain controller policy. The 8 password rule was enabled on both.

            Changed it on both. did a gpdate /force and was able to change the password.

            Enabled the policy and was still able to log in with it as a 6 character password even though the complexity was set to 8.
            The policy doesn't prevent you from using a password that doesn't meet the complexity requirements. It prevents you from setting a password that doesn't meet the complexity requirements. As you've seen you can easily get around this if you have the appropriate access to the GPO where the setting is defined.

            Comment

            Working...
            X