Minimum password length (Windows)

Module: Password Strength

Supported Platforms: Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows XP

This check reports a problem if the effective minimum password length is shorter than the specified number of characters. The valid range of minimum password length is 0 to 14 characters.

The following table lists the error messages for the check.

Table: Error messages for Minimum password length

Message String ID and Category	Platform and Message Numeric ID	Message Title and Description	Additional Information
String ID: ESM_MIN_PASSWD_LEN_TOO_LOW Category: Policy Compliance	Windows 2000 (105331) Windows 2003 (205331) Windows 2008 (248331) Windows Vista (228331) Windows XP (200331)	Title: Minimum password length too low Description:The minimum password length is set too low. Short passwords are easier to guess. This makes them targets for brute force cracking attempts. The recommended minimum password length is eight characters.	Severity: yellow-1 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: [Min length: %s; expected: %s]
String ID: ESM_PASSNOPASS Category: Policy Compliance	Windows 2000 (105336) Windows 2003 (205336) Windows 2008 (248336) Windows Vista (228336) Windows XP (200336)	Title: System allows blank passwords Description:Your system allows accounts without passwords. Anyone can log on to these accounts. In Windows, increase the value for the minimum password length setting to greater than 0.	Severity: red-4 Correctable: false Snapshot Updatable: false Template Updatable: false Information Field Format: []

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: ESM_MIN_PASSWD_LEN_TOO_LOW

Category: Policy Compliance

Windows 2000 (105331)
Windows 2003 (205331)
Windows 2008 (248331)
Windows Vista (228331)
Windows XP (200331)

Title: Minimum password length too low

Description:The minimum password length is set too low. Short passwords are easier to guess. This makes them targets for brute force cracking attempts. The recommended minimum password length is eight characters.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [Min length: %s; expected: %s]

String ID: ESM_PASSNOPASS

Category: Policy Compliance

Windows 2000 (105336)
Windows 2003 (205336)
Windows 2008 (248336)
Windows Vista (228336)
Windows XP (200336)

Title: System allows blank passwords

Description:Your system allows accounts without passwords. Anyone can log on to these accounts. In Windows, increase the value for the minimum password length setting to greater than 0.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: []