numeric only passwords fail

[ideprize]

Spent a rather long day 7/30/11 determining that on my client's system, Windows 7 Professional 32 bit Service Pack 1, that numeric only passwords of length > 4 digits failed unless the login was done in safe mode (without networking). The instant I added characters (as the first digits - did not test for internal placment) the password was accepted at the normal login prompt. The original profile was in trouble. The directory structure was there but the user name was not in the user group. When I created the new profile with a numeric only password the problem surfaced. It should be noted that the old profile had a numeric only password of 4 digits that DID work but the client wanted to update the password to 7 digits (numeric only) on the new profile - no cigar. Thanks for any illumination.

Respectfully,
Gordon Haas

 

[Ztruker]

I just created a new account, set the password to 1234. Logged in and it accepted the password with no problem.

Win 7 Pro X64

 

[ideprize]

The length of the password that failed was 7 digits in length. The original numeric password was also 4 digits in length and it did work. See if you can repeat the problem with a numeric length of 7. Thanks for a quick response.

 

[logicearth]

No problem here, 4 to 7 to 10.

 

[karlsnooks]

The length of the password that failed was 7 digits in length. The original numeric password was also 4 digits in length and it did work. See if you can repeat the problem with a numeric length of 7. Thanks for a quick response.

This is/can be controlled by a group policy setting.

I suggest you run gpedit.msc

 

[karlsnooks]

Of course,
if the it dept. has set an AD policy or some true "group" policy for the group to which the user belongs, then that will override.

I recommend talking to the loca it/system admin dept.

 

[ideprize]

That would be me - the it department. The reason why I posted this on this forum was in hopes of finding someone who also encountered this problem. The environment is not one of a single system - the system that had the error is a member of a workgroup with a 2008 R2 Server. I checked all account policies to insure that they are not requiring complex passwords - they are not. All I know is if I remove the leading two characters from the front of the password the login fails except in pure safe mode (no networking). At first I thought it was a virus but I scanned the system with House Call, Malwarebytes, and ESET - they all say it is clean. I will look into the group policy issue but I thought that was subordinate to the local security policy settings. This is a workgroup not a domain.

 

[karlsnooks]

WIN + F1 key combo | type POLICY SETTINGS | ENTER

You should thoroughly familiarize yourself with the 3rd item on the list: Group Policy Management for IT Pros.

WIN is the key with the wavy microsoft flag on top

 

[richnrockville]

The length of the password that failed was 7 digits in length. The original numeric password was also 4 digits in length and it did work. See if you can repeat the problem with a numeric length of 7. Thanks for a quick response.

FWIW: If the original password was in the Active Directory of your server as 4 numeric characters and it worked due to no restrictions on passwords, that would answer the question of why the 4 numberics worked. But it only worked until you decided to change it and then the new AD rules probably came into effect and then you can't change it back.
Can it be assumed the the server 2008 was upgraded from an older 2003 or so?

That could be an answer to your problem and the only way that I see to solve it would be to have the adminstrators change the group policy on the server.

Just my take on this..
(And it was taken from experience with almost the same thing)
Rich

 

[karlsnooks]

one of the policy settings regards password length.

 

[karlsnooks]

a policy setting.

 

[ideprize]

To richnrockville: There is no active directory in this network - it is a workgroup; small intimate company. The profile that had the 4 digit password became inoperative (could see the directory but not the user under user group). I created a new profile with the 7 digit numeric password and that is when the problem surfaced. The problem was resolved by extending the password to 9 digits making the first two characters alpha! Which leads directly to "karlsnooks" identification that "one of the policy settings regards password length" - again the problem was resolved by lengthening the password. The dominant parameter here is, once the alpha component was introduced the password was accepted as valid. Again password complexity was disabled at the 2008 R2 Standard Server. Thanks guys for the feedback it forces one to really think about the construct. I AM reading the Group Policy data "karlsnooks".

 

[karlsnooks]

Enjoy. The action and interaction at the various levels between the various policy settings is powerful and confusing.

Go to an elevated command prompt and run:
gpresult /r

for interesting info on the result of group policy settings.

gpresult
will give you the same as gpresult /? and list all the command arguments.