How to modify the password complexity message to not only specify min but max password policies.

I have a question concerning modification of the alert that's generated in Windows XP when a change of password does not meet the complexity needed by the group policy. This is really less of a question concerning Group Policy settings and more geared toward modding what the end user sees.

The message I get is "Your password must be at least 4 characters, cannot repeat any of your previous 3 password and must be at least 0 days old. Please type a different password. Type a password which meets these requirements in both text boxes.". I'm offering this text so you can see where normal is for us.

I have been through the msgina.dll and have found similar error messages like "Your password must be at least %hu characters and cannot repeat any of your previous %hu passwords.  Please type a different password." and "Your password must be at least %hu characters; cannot repeat any of your previous %hu passwords; must contain capitals, numerals or punctuation; and cannot contain your account or full name.  Please type a different password." but neither of these are what we see, as provided above.

I have tried repeatedly to modify the GINA, recompiling it with ResHacker and replacing the default system GINA with Replacer so I don't get any Windows File Protection errors but I continue to get the original message box when I fail to meet password complexity.

The problem we have with this is we also have a restriction on using special characters and a max on characters, that being 8. Please don't flame based on this restriction, we have a MainFrame  application only allowing up to 8 and the passwords are being synced via Tivoli Identity Manager,  and we have to use the lowest common denominator.

We want to convey not only the minimum but also the maximum of what the users can use so the rules are right in front of them.

I would like to mod the error/message to something like this, "Password requirements not met. Passwords must be 4-8 characters, cannot repeat any of your previous 3 passwords, only have 1 repeating character and must contain alpha and numeric characters only (no special characters). Please select another password."

Can this be accomplished and how? I've also looked in scecli and winlogon.exe. I have changed the code to the password change window, so it displays the rules, but it would be nice to have this as well.


I believe your only option is this KB article.

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.


Question Info

Last updated July 16, 2020 Views 2,526 Applies to: