    Maximum Windows password length is 64 (Unicode) chars?

    You'll probably never need to know this but..

    I wanted to (programmatically) create a local Win service account with a set & forget random password, and when I got to the random bit just cut & pasted a function I once very carefully made for something else which happens to spit out 256 cryptographically random bits i.e. 32 bytes.

    But passwords need to be strings, not bytes so I just quickly converted those 32 bytes to a 64 character hex string to use as the password. But my test Server 2008 R2 doesn't like that because although a string made from a limited character set (16 chars total) representing 256 random bits is MUCH more respectable than any password any typical human is likely to make[1], it's not "complex".

    [How I wish Windows complexity checking would factor in length i.e. go "Ooh look! It's a 30 character password... hmmm.. LANMAN is definitely not happening here so I'll relax some of the pedantic nit-picking rules because they're obviously pointless in these circumstances".]

    So next I thought I'd just quickly throw some stuff on the front of the password string to keep [bleeping] Windows happy e.g. "Xa91£$" + <original 64 hex char string>. But my test Server 2008, or at least the function I invoked, doesn't like that much because despite my added "complex" stuff the password apparently still doesn't meet the complexity requirements!

    So then I experimentally tried "Xa91£$" + <32 of the original hex chars> and it just worked. So I assume the API was really complaining about the password being too long, but perhaps no one ever got around to making a system error code for that. Browse the net and you can find some anecdotal comments about the max password length being ~128 chars, but perhaps that is 128 bytes because (ignoring length and other gubbins) being Unicode, my 64 character hex string needs 128 bytes of storage.

    So again, you'll likely never need to know this, but password strings longer than 64 characters can cause trouble in at least one Windows API.

    [1] Equivalent to a 40 character password utilising a scattering of chars from the full ASCII char set.
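One way to keep all 256 bits while staying under the 64-character ceiling observed above is to draw the password from a wider alphabet instead of hex. This is an added example, not code from the original post. It assumes the complexity policy wants at least three of the four character classes (upper, lower, digit, symbol); the symbol set, `MAX_LEN` and the function names are choices made for illustration.

```python
import math
import secrets
import string

MAX_LEN = 64  # ceiling observed in the post, not a documented constant
# Constructed alphabet: letters, digits and a few symbols (70 characters).
ALPHABET = string.ascii_letters + string.digits + "!#%+-=@_"

def char_classes(text):
    """Count how many of upper / lower / digit / symbol appear in text."""
    return sum([
        any(c.isupper() for c in text),
        any(c.islower() for c in text),
        any(c.isdigit() for c in text),
        any(not c.isalnum() for c in text),
    ])

def length_for_bits(bits, alphabet_size):
    """Characters needed to carry `bits` of entropy in this alphabet."""
    return math.ceil(bits / math.log2(alphabet_size))

def make_password(bits=256, alphabet=ALPHABET, max_len=MAX_LEN, min_classes=3):
    """Random password with >= `bits` of entropy that fits max_len."""
    if char_classes(alphabet) < min_classes:
        # e.g. lowercase hex only ever yields two classes (lower + digit)
        raise ValueError("alphabet cannot satisfy the complexity rule")
    n = length_for_bits(bits, len(alphabet))
    if n > max_len:
        raise ValueError(f"{n} chars needed, limit is {max_len}")
    while True:
        # secrets.choice draws from the OS CSPRNG; rejecting the rare
        # candidate that misses a class costs a negligible amount of entropy.
        pw = "".join(secrets.choice(alphabet) for _ in range(n))
        if char_classes(pw) >= min_classes:
            return pw

if __name__ == "__main__":
    print("hex needs", length_for_bits(256, 16), "chars")
    print("this alphabet needs", length_for_bits(256, len(ALPHABET)), "chars")
    print(make_password())
```

Lowercase hex uses all 64 characters for 256 bits and still covers only two classes, so any prefix added for complexity pushes it past the limit; the 70-character alphabet needs 42.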
