Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Lee Clemens (securityleeclemens.net)
Date: Wed May 20 2009 - 11:09:22 CDT
Password complexity rules can include similarity to previous passwords.
Both passwords you are using contain the same 9 characters.
Try: sihts1dr0wspyM or something different
From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com] On
Behalf Of DG Gmail
Sent: Tuesday, May 19, 2009 2:06 PM
To: Brian K. Dore; focus-mssecurityfocus.com
Subject: Re: AD Password complexity - passwords too long?
Thank for the replies all...
I have done the test below and still didn't work. I check to make sure
domain GPO's were being applied, and they are.
As I mentioned minimum password length is 8 characters.
If my password is Mypsw0rd (as you can see its actually 9) it works ok, but
if I try to use Mypsw0rd1sthis it does now work. It will not allow me to
I have also check the other requirements ( history, username in password,
Could there be a restriction as far as using a special character more than
I have seen the documentaion that states otherwise, but anything longer than
9-10 characters fails.