Custom Password Complexity Requirement Message when can not change the password

lithnet / ad-password-protection

Active Directory password filter featuring breached password checking and custom complexity rules

MIT License

490 stars 52 forks source link

Custom Password Complexity Requirement Message when can not change the password #77

Closed dimforensics closed 2 years ago

dimforensics commented 2 years ago

Can you include a functionality in the app "Lithnet" with a custom message for user that cannot change the password because of ....? When a user changes their password, sometimes they are denied because it does not meet the Domain’s password complexity requirements. Unfortunalty the error message does not tell them WHAT the requirements are. Or you may know the workaround in Windows?!

ryannewington commented 2 years ago

@dimforensics This is a bit of a pain-point with any password filter. Unfortunately, Microsoft only provide a single error code when a password is rejected. This is why we get the cryptic message, even when not using LPP

Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.

Unfortunately, there isn't anything we can do to improve this, as it's baked into Windows itself.

dimforensics commented 2 years ago

Thanks Ryan for the response. Hopefully, they will do some changes in near future.