Group Policy Updated To Support 20 Character Minimum Password ...
Maybe your like
Until recently it was not possible to set the default domain password length via GPMC to anything longer that 14 characters (see below). This limit was enforced via the UI but it was possible to set a password value longer manually if the user chose a longer password. Most likely the reason that this limit was enforced was that the LM Password hash limit for Windows 98 and NT 4 was 14 characters.Â
But good news, with the release of the latest version of GPMC for Windows 10 1803 Microsoft has now changed this UI limit value to 20 characters.Â
However, Microsoft still warns that:
“Older versions of Windows (such as Windows 98 and Windows NT 4.0) do not support passwords that are longer than 14 characters. Computers that run these older operating systems are unable to authenticate with computers or domains that use accounts that require long passwords.â€.
So as always, test carefully before rolling out this setting and be sure that you do not have any legacy device still running on your domain before you set this option.Â
Another thing to be cautious of is that if an admin attempts to change this setting via an older version of GPMC then it will force the minimum length back to 14 characters. But this is just another reason why you should always have the latest version of GPMC installed in your environment.
So now you can go forth and force longer passwords for all… HORAA!!! But if you are going to increase the minimum password length consider also implementing some of the other current guidance and for the sake of the users sanity. For example it is now recommend by some that removing maximum password age and complexity (see https://www.ncsc.gov.uk/guidance/password-guidance-simplifying-your-approach ) is actually more secure especially when you have a longer password that is more conducive to picking a phrase rather than just one word. In any case, the new raised minimum value as an option is welcome change…
Source: https://twitter.com/PyroTek3/status/1000565062501888001
Tag » Active Directory Minimum Password Length 14
-
Minimum Password Length Auditing And Enforcement On Certain ...
-
Cannot Set Minimum Password Length To More Than 14 Characters
-
Minimum Password Length Changes To 14 Characters - Windows Server
-
Minimum Password Length: Default Domain Policy Versus Set ...
-
1.1.4 Ensure 'Minimum Password Length' Is Set To '14 Or More C...
-
How To Set And Manage Active Directory Password Policy
-
How To Configure A Domain Password Policy - Active Directory Pro
-
Configuring A Domain Password Policy In The Active Directory
-
15 Character Minimum Password Length Not Enforced : R/activedirectory
-
How To Increase The Minimum Character Password Length (15+) ...
-
Password Policy Enforcement - Specops Software
-
Windows Server 2016 Minimum Password Length Must Be ...
-
Domain Password Policy - How To Configure & Setup!
-
SOLVED: Event ID: 16979 - The Domain Is Incorrectly Configured ...