Overview#

Password Character Composition are a typical parameter of a Password Policy specifically the Password Modification Policy that deals with Password Quality

Password Character Composition are requirements are enforced by the Password Validator.

Password Character Composition is typically enabled within a Password Policy with various restrictions on the composition of the password in an attempt to increase Password Entropy

This is an Example ALL TOO Common Password Character Composition Example:

  • Passwords MUST NOT contain the user's entire samAccountName (Account Name) value or entire displayName (Full Name) value. Both checks are not case-sensitive:
    • The samAccountName is checked in its entirety only to determine whether it is part of the password. If the samAccountName is less than three characters long, this check is skipped.
    • The displayName is parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs.
  • Passwords MUST contain characters from three of the following five categories:
    • Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
    • Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
    • Base 10 digits (0 through 9)
    • Non Alphanumeric characters: !@#$%^&*_-+=`|\(){}:;"'<>,.?/
    • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-6) was last changed on 28-Jun-2017 15:57 by jim