How to modify the password complexity message to not only specify min but max password policies.
I have a question concerning modification of the alert that's generated in Windows XP when a change of password does not meet the complexity needed by the group policy. This is really less of a question concerning Group Policy settings and more geared
toward modding what the end user sees.
The message I get is "Your password must be at least 4 characters, cannot repeat any of your previous 3 password and must be at least 0 days old. Please type a different password. Type a password which meets these requirements in both text boxes.".
I'm offering this text so you can see where normal is for us.
I have been through the msgina.dll and have found similar error messages like "Your password must be at least %hu characters and cannot repeat any of your previous %hu passwords. Please type a different password." and "Your
password must be at least %hu characters; cannot repeat any of your previous %hu passwords; must contain capitals, numerals or punctuation; and cannot contain your account or full name. Please type a different password." but neither of these are
what we see, as provided above.
I have tried repeatedly to modify the GINA, recompiling it with ResHacker and replacing the default system GINA with Replacer so I don't get any Windows File Protection errors but I continue to get the original message box when I fail to meet password complexity.
The problem we have with this is we also have a restriction on using special characters and a max on characters, that being 8. Please don't flame based on this restriction, we have a MainFrame application only allowing up to 8 and the passwords are being synced
via Tivoli Identity Manager, and we have to use the lowest common denominator.
We want to convey not only the minimum but also the maximum of what the users can use so the rules are right in front of them.
I would like to mod the error/message to something like this, "Password requirements not met. Passwords must be 4-8 characters, cannot repeat any of your previous 3 passwords, only have 1 repeating character and must contain alpha and numeric characters
only (no special characters). Please select another password."
Can this be accomplished and how? I've also looked in scecli and winlogon.exe. I have changed the code to the password change window, so it displays the rules, but it would be nice to have this as well.
This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.