Re: Your password must be at least 18,770 char...
At 02:55 PM 7/9/01 -0500, Rick Smith at Secure Computing wrote: >One of those recently posted lists of quotations included a reference to >Microsoft Knowledge Base article Q276304, from late June, which described >the following problem: > >"SYMPTOMS > Your password must be at least 18770 characters and cannot repeat any of >your previous 30689 passwords. Please type a different password. Type a >password that meets these requirements in both text boxes. MS finally got something right about security! - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Your password must be at least 18,770 char...
I have no Windows source code to judge by, but just looking from the outside I believe the error arises as follows. When the MIT-based KDC returns the error code KADM5_PASS_Q_DICT (which it will only do if your Kerberos admin has inserted a dictionary check, as there is none by default), the MS password-changing client fishes in uninitialized memory for some other possible parameters governing the password selection: the length and history. (This sheds no light on what it might do if you try a password with too few character *classes*, which is yet another error code.) - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]