Our group recently implemented 14+ character passwords on our Windows domain in order for us to be compliant with our organizational security directives.
On password change, users are now receiving a password length warning saying:
The Password is longer than older versions of Windows; such as
Windows 98 or Windows 95, can use.
Is there a way to disable this warning? Our support team is being inundated with users asking about this.
Our network uses Windows XP SP3 and Windows 7 client operating systems only. The AD domain is at functional level 2008. We have GPOs set so LAN manager hash vales are NOT stored and LAN manager authentication level is NTLMv2 only.
There is an option somewhere for compatibility with older versions of Windows -- I don't recall if it's an AD option or a something in group policy, but if you disable that you shouldn't get the warning anymore.
That being said, Satanicpuppy is 100% right: Any password longer than a user can remember will be found on a post-it note under their keyboard (if you're lucky -- otherwise it's going to be right on the monitor :-)
CW so some generous soul can edit and add details on where this option is - I haven't touched a Windows server environment in a long time :-)
The only suggestion I can come up with is to hack the msgina.dll and replace the default error text with something else. Maybe something like, "Your password will be changed when you hit OK. You can press cancel to not have your password changed.