disable maximum password length on Windows Server

Question

When trying to create a password longer than 16 chars on my Windows 2012 server, it is refused due to the password being to long. I have tried looking for a GPO called "Maximum Password Length" - which i cannot find. The problem might be in: PwdFilt or PCNSFLT. Screenshot of regedit where i Also looked.1

The problem is we need 36 char passwords on the SQL 2014 server we are installing to do encryption.

Any suggestions?

Try this [What is the maximum length of password in Windows 10?](http://www.thewindowsclub.com/maximum-length-of-password-windows-10) — John K. N., Dec 20 '16 at 12:22
Yes I am aware of the limit to AAD and MS accounts but this should not affect when I try to create a user directly in the AD of the Windows 2012 server. — Frederik Krogh, Dec 20 '16 at 13:13
A bit dated, but seems to get referenced a lot when researching this question: [What is the *real* maximum password length?](http://exchangepedia.com/2007/01/what-is-the-real-maximum-password-length.html). Suggests that up to 127 characters can be entered, but the way in which a masked field displays this information makes it look like you're limited to 32 characters. **Disclaimer**: Haven't tried this myself. — 3N1GM4, Dec 20 '16 at 13:50
I believe the actual limit is 256 chars, but the Ui limits you to only being able to type 127. — Jim B, Dec 20 '16 at 14:06
I'm also unaware of a policy that sets a maximum password length. — Jim B, Dec 20 '16 at 14:13
What is the exact error message? I've never seen a password change error cite the specific part of the policy that caused the failure. Standard Windows error message is `Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain` Remember that changes can fail due to minimum age, or history requirements. Is this for a domain or local account? Each will have its own pass policy settings, they may not be the same. — Clayton, Dec 20 '16 at 19:10

score 12 · Answer 1 · answered Dec 20 '16 at 16:53

12

Run rsop.msc on the machine that is giving you the issues. Then look under:

Computer Conf > Windows Settings > Security Settings > Account Pol > Password Pol

Under there, it will show you Source GPO that is setting the restriction. Then you can open Group Policy management and find the policy needed.

answered Dec 20 '16 at 16:53

Cory Knutson

1,876
13
20

I tried this, but there is no max length pwd pol. – Frederik Krogh Dec 20 '16 at 19:28
Did you also check via launching gpedit.exe on the local machine? The local security policy would be in effect if there were no domain policies. It would be under the same path. – Cory Knutson Dec 20 '16 at 23:09

score 11 · Accepted Answer · edited Dec 20 '16 at 14:26

11

Im not sure about disabling it, It not sure if you want to degrade security on the server.

Start a command prompt as administrator in windows

Run the following command:

net user MyUser MyPasswordIsReallyLongIs36Characlong /ADD /Y

For a domain user:

net user MyUser MyPasswordIsReallyLongIs36Characlong /ADD /DOMAIN /Y

Should fix the problem.

edited Dec 20 '16 at 14:26

Tolsadus

1,183
11
23

answered Dec 20 '16 at 13:53

Anthony Fornito

9,546
1
34
124

This could very well be the solution. Let me try it tomorrow and I will get back to you. – Frederik Krogh Dec 20 '16 at 19:29

disable maximum password length on Windows Server

2 Answers2