Sign in with
Sign up | Sign in
Your question

Urgent - setting maximum password length in Windows

Last response: in Windows 2000/NT
Share
Anonymous
a b 8 Security
August 4, 2004 5:51:04 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Is it possible to reduce the maximum password length in Windows from 127 or 128 (whichever it is) to something less than that? If so, is a 3rd party solution required?
Anonymous
a b 8 Security
August 4, 2004 9:40:41 PM

Archived from groups: microsoft.public.win2000.security (More info?)

In article <DF740EDC-0A94-40AA-9D6F-DE0D7E58B23F@microsoft.com>, in the
microsoft.public.win2000.security news group, <"=?Utf-8?B?
VG9tIEdvb2RtYW4=?=" <Tom Goodman@discussions.microsoft.com>> says...

> Is it possible to reduce the maximum password length in Windows from 127 or 128 (whichever it is) to something less than that? If so, is a 3rd party solution required?
>

No, and why would you want to reduce the maximum password length?

--
Paul Adare
This posting is provided "AS IS" with no warranties, and confers no
rights.
Anonymous
a b 8 Security
August 5, 2004 9:25:01 AM

Archived from groups: microsoft.public.win2000.security (More info?)

1. because it's a ridiculously high number (know anyone with a 128 character pwd?)
2. I'm implementing a password synch tool & a legacy system REQUIRES a pwd no longer than 8 characters.

"Paul Adare - MVP - Microsoft Virtual PC" wrote:

> In article <DF740EDC-0A94-40AA-9D6F-DE0D7E58B23F@microsoft.com>, in the
> microsoft.public.win2000.security news group, <"=?Utf-8?B?
> VG9tIEdvb2RtYW4=?=" <Tom Goodman@discussions.microsoft.com>> says...
>
> > Is it possible to reduce the maximum password length in Windows from 127 or 128 (whichever it is) to something less than that? If so, is a 3rd party solution required?
> >
>
> No, and why would you want to reduce the maximum password length?
>
> --
> Paul Adare
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
Related resources
Anonymous
a b 8 Security
August 5, 2004 10:55:43 AM

Archived from groups: microsoft.public.win2000.security (More info?)

"=?Utf-8?B?VG9tIEdvb2RtYW4=?=" <TomGoodman@discussions.microsoft.com> said

> 1. because it's a ridiculously high number (know anyone with a 128
> character pwd?)

It's possible to use pass 'phrases', not just passwords. That's why the 128
characters were introduced.

> 2. I'm implementing a password synch tool & a legacy
> system REQUIRES a pwd no longer than 8 characters.

Rather than weaken the security of every other system, why not modify the
sych tool to take only the first 8 characters of the Windows password and
pass those through to the legacy system?

I cannot see the sense in weakening Windows security to fit in with a legacy
system even if it could be done. Security is the one area where we definitely
should not be catering to the lowest common denominator.

--
Andy.
August 4, 2009 9:40:21 PM

way to be helpful, andy...

Quote:
Archived from groups: microsoft.public.win2000.security (More info?)

"=?Utf-8?B?VG9tIEdvb2RtYW4=?=" <TomGoodman@discussions.microsoft.com> said

> 1. because it's a ridiculously high number (know anyone with a 128
> character pwd?)

It's possible to use pass 'phrases', not just passwords. That's why the 128
characters were introduced.

> 2. I'm implementing a password synch tool & a legacy
> system REQUIRES a pwd no longer than 8 characters.

Rather than weaken the security of every other system, why not modify the
sych tool to take only the first 8 characters of the Windows password and
pass those through to the legacy system?

I cannot see the sense in weakening Windows security to fit in with a legacy
system even if it could be done. Security is the one area where we definitely
should not be catering to the lowest common denominator.

--
Andy.

!