By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
454,973 Members | 1,190 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 454,973 IT Pros & Developers. It's quick & easy.

Adding windows password policy to your app

P: n/a
We have our own set of users and passwords for our application and we want to
implement strong passwords.
My question is can you access the windows password policy settings in order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...

We could store our own format for the password maybe as a regular
expression, but if the customer have already set up the password policy they
want in 1 place, it would be nice to use it.
Apr 4 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a
James,

AFAIK, this is not possible, windows doesn't expose an API to validate
the password. The only way that you can validate the password would be to
actually create a user on the local machine. I guess you could hack it by
creating a user (with some random user name), and then deleting that user.
If the password is accepted, then you know it meets the password policy of
the local machine.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"James" <Ja***@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com...
We have our own set of users and passwords for our application and we want
to
implement strong passwords.
My question is can you access the windows password policy settings in
order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...

We could store our own format for the password maybe as a regular
expression, but if the customer have already set up the password policy
they
want in 1 place, it would be nice to use it.

Apr 4 '06 #2

P: n/a
Thanks thats what I suspected.
I suppose if hackers' could get hold of these setting it would aid them in
cracking peoples passwords...

"Nicholas Paldino [.NET/C# MVP]" wrote:
James,

AFAIK, this is not possible, windows doesn't expose an API to validate
the password. The only way that you can validate the password would be to
actually create a user on the local machine. I guess you could hack it by
creating a user (with some random user name), and then deleting that user.
If the password is accepted, then you know it meets the password policy of
the local machine.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"James" <Ja***@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com...
We have our own set of users and passwords for our application and we want
to
implement strong passwords.
My question is can you access the windows password policy settings in
order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...

We could store our own format for the password maybe as a regular
expression, but if the customer have already set up the password policy
they
want in 1 place, it would be nice to use it.


Apr 4 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.