deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 13:57:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #10388 from simon-biber/patch-1

Browse Source 
Complexity requirements reduce password strength
This commit is contained in:
Tina Burden 2022-03-08 11:22:18 -08:00 committed by GitHub
commit 60a011d62f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
View File

@ -62,11 +62,11 @@ Additional settings that can be included in a custom Passfilt.dll are the use of
> [!TIP] > [!TIP]
> For the latest best practices, see [Password Guidance](https://www.microsoft.com/research/publication/password-guidance). > For the latest best practices, see [Password Guidance](https://www.microsoft.com/research/publication/password-guidance).
Set **Passwords must meet complexity requirements** to Enabled. This policy setting, combined with a minimum password length of 8, ensures that there are at least 218,340,105,584,896 different possibilities for a single password. This setting makes a brute force attack difficult, but still not impossible. Set **Passwords must meet complexity requirements** to Enabled. This policy setting, combined with a minimum password length of 8, ensures that there are at least 159,238,157,238,528 different possibilities for a single password. This setting makes a brute force attack difficult, but still not impossible.
The use of ALT key character combinations may greatly enhance the complexity of a password. However, requiring all users in an organization to adhere to such stringent password requirements might result in unhappy users and an over-worked Help Desk. Consider implementing a requirement in your organization to use ALT characters in the range from 0128 through 0159 as part of all administrator passwords. (ALT characters outside of that range can represent standard alphanumeric characters that do not add more complexity to the password.) The use of ALT key character combinations may greatly enhance the complexity of a password. However, requiring all users in an organization to adhere to such stringent password requirements might result in unhappy users and an over-worked Help Desk. Consider implementing a requirement in your organization to use ALT characters in the range from 0128 through 0159 as part of all administrator passwords. (ALT characters outside of that range can represent standard alphanumeric characters that do not add more complexity to the password.)
Passwords that contain only alphanumeric characters are easy to compromise by using publicly available tools. To prevent this, passwords should contain additional characters and meet complexity requirements. Short passwords that contain only alphanumeric characters are easy to compromise by using publicly available tools. To prevent this, passwords should contain additional characters and/or meet complexity requirements.
### Location ### Location