Disabling the default Windows password filter
Normally when a custom password filter is installed, it replaces the Windows password filter or even the entire...
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
logon process. When a log on is attempted, Windows looks at all valid password filters, so preventing the use of its own is important if you want to rely on yours entirely . I'm going to assume you have already written your own, though you can find an example script here. Microsoft also reveals its own passfilt.dll and instructions on how to write and use your own filter.
Now, to prevent Windows from using passfilt.dll simply requires setting the password policy to NOT require complexity. This setting is at "Windows Settings/Security Settings/Password Policy/Password must meet complexity requirements." Simply change it to disabled if it is enabled. If your password filter is also checking for password size, history and other Windows password settings, you can set them to null here as well. I wouldn't, however, change the "Store passwords using reversible encryption" setting. It's disabled by default for a reason. It allows storing passwords in an easily recoverable form. This is required by some classic non-Windows clients, and that's why its available. It is generally used as a user account variable and not as a system wide variable and only if necessary.
Dig Deeper on Windows legacy operating systems
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.
Meet all of our Enterprise Desktop experts
Start the conversation
0 comments