How to verify if password meets complexity requirements programmatically

Hi all,

Some customers asked me in the past if there was any API to verify if a password meets Windows complexity requirements. Unfortunately there is no such API. We could implement our own if we know the requirements of the password filter used in our machines.

The default password filter (passfilt.dll) in Windows checks for the following:

1) Not contain significant portions of the user's account name or full name.
2) Be at least six characters in length.
3) Contain characters from three of the following four categories:
  a) English uppercase characters (A through Z).
  b) English lowercase characters (a through z).
  c) Base 10 digits (0 through 9).
  d) Non-alphabetic characters (for example, !, $, #, %).

See the following articles for details:

Passwords must meet complexity requirements of the installed password filter (Windows 2000) Passwords must meet complexity requirements (Windows Server 2003)

 

I hope this helps.

Cheers,

 

Alex (Alejandro Campos Magencio)