Ansgar, You're absolutely wrong in your statement here. Enforcing passwords that MUST consist of uppercase letters, lowercase letter, numbers AND special characters INCREASES the total number of possible passwords; which in turn has a positive impact on your security.
It is much harder to break a password of AaBb1! than aabb1! The more options there are that are enforced, the more complex the passwords. The determining factor in this case would be how long or short the password lengths are. R/ Jackson -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ansgar -59cobalt- Wiechers Sent: Wednesday, August 15, 2007 2:39 PM To: [email protected] Subject: Re: Password complexity - improvement On 2007-08-15 dubaisans dubai wrote: > Is there a way to improve the password complexity requirements in > Windows 2000/2003 servers > > The default will enforce 3 of the following 4 properties - Uppercase, > smallercase, numbers, special-characters. > > Is there a way to enforce all 4 properties. Enforcing passwords that MUST consist of uppercase letters, lowercase letters, numbers AND special characters reduces the total number of possible passwords, which in consequence has a negative impact on your security. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
