467,867 Members | 1,382 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,867 developers. It's quick & easy.

Adding windows password policy to your app

We have our own set of users and passwords for our application and we want to
implement strong passwords.
My question is can you access the windows password policy settings in order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...

We could store our own format for the password maybe as a regular
expression, but if the customer have already set up the password policy they
want in 1 place, it would be nice to use it.
Apr 4 '06 #1
  • viewed: 2556
Share:
2 Replies
James,

AFAIK, this is not possible, windows doesn't expose an API to validate
the password. The only way that you can validate the password would be to
actually create a user on the local machine. I guess you could hack it by
creating a user (with some random user name), and then deleting that user.
If the password is accepted, then you know it meets the password policy of
the local machine.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"James" <Ja***@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com...
We have our own set of users and passwords for our application and we want
to
implement strong passwords.
My question is can you access the windows password policy settings in
order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...

We could store our own format for the password maybe as a regular
expression, but if the customer have already set up the password policy
they
want in 1 place, it would be nice to use it.

Apr 4 '06 #2
Thanks thats what I suspected.
I suppose if hackers' could get hold of these setting it would aid them in
cracking peoples passwords...

"Nicholas Paldino [.NET/C# MVP]" wrote:
James,

AFAIK, this is not possible, windows doesn't expose an API to validate
the password. The only way that you can validate the password would be to
actually create a user on the local machine. I guess you could hack it by
creating a user (with some random user name), and then deleting that user.
If the password is accepted, then you know it meets the password policy of
the local machine.

Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com

"James" <Ja***@discussions.microsoft.com> wrote in message
news:D1**********************************@microsof t.com...
We have our own set of users and passwords for our application and we want
to
implement strong passwords.
My question is can you access the windows password policy settings in
order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...

We could store our own format for the password maybe as a regular
expression, but if the customer have already set up the password policy
they
want in 1 place, it would be nice to use it.


Apr 4 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Fabrice DG | last post: by
2 posts views Thread by Carlton858 | last post: by
6 posts views Thread by =?Utf-8?B?TWljaGFlbCAwMw==?= | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.