Make space as mandatory for AD Password Policy #25
Comments
|
For reference, Spaces are considered special characters, as they’re defined as Symbols: https://learn.microsoft.com/en-us/windows-server/security/kerberos/passwords-technical-overview |
|
@OftKilted I agree with you, spaces are considered as special characters, but is that possible to make space mandatory for end users to use in their password? When it comes to special characters, they are free to use spaces as one option, but still, they can choose other special characters as well, right! |
|
You can’t force the use of a Space character natively. As a side reference, enforcing a specific special character will decrease the security and complexity of your passwords. Because a malicious actor will know that they can remove any password that does not have a space in it from their complexity table. As referenced in “[Policies] Weir, Matt, Sudhir Aggarwal, Michael Collins, and Henry Stern. “Testing Metrics for Password Creation Policies by Attacking Large Sets of Revealed Passwords.” In Proceedings of the 17th ACM Conference on Computer and Communications Security, 162–175. CCS ‘10. New York, NY, USA: ACM, 2010. doi:10.1145/1866307.1866327.” Enforcing the kind of complexity requirement you want to enforce tend to make passwords overall weaker. For more easily found reference I recommend the NIST 800-63b appendix: |
Hi @ryanries
As part of security enhancement , we want to make space as mandatory in password. Is this possible through default MS settings in AD-GPO or can be achieved any other way ?
The text was updated successfully, but these errors were encountered: