Password Lengths for windows

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I've be doing the comptia a+ online course for 6 months now. I just finished doing a practice exam. I'm a little bit confused with one of the questions. The question was about password character lengths .

The question was "Steve wants to create the shortest possible password on his Windows XP machine. How many characters must he use?" Now the choices were, A- 0, B- 4, C- 8, D- 12.

According to the training video it says for the A+ exam the minimum character length for passwords is 8 characters long. When I selected that answer I got it wrong. I noticed that the correct answer was 0 characters.

Could someone please explain to me how the answer can be 0 characters. If it is 0 characters that means that there is no password entered. That doesn't make sense.

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I guess you don't HAVE to have a password if you are a single user on the machine.

 

A default install of Windows XP will let you define a password with 0 chracters. In essence, you don't type any password at all.

 

You can set up an XP account with no password. It does restrict certain things e.g. I'm pretty sure you can't RD into a machine if the local account your trying to access has no password set.
How does it work? Just hit enter when you're asked for a password.

 

It's when you start using the machine in an AD environment that you're going to be hit with complex password requirements (8 characters, upper and lowercase plus another character (0-9 + others).

 

soundians right, you cannot rdp onto a computer if there is no password set, also you cannot browse to share either $ or custom shares on a machine as that user from a remote machine (so \\computer1\share as adm1n no password for example)

The question is a little offputting as you migh assume as it stipulates neither way that they are talking about a working environment, or that as he "wants" to create the shortest password then he does actually want a password. Its very easy to start overthinking questions especially if they are worded in this manner, I'd rather have the MS type questions that throw a whole load of information at you and you pick out the important bits other than the comptia ones where you have to guess/assume some parts of the question (I vaguely remember doing exactly that when I took my A+ many years ago).

 

The question is indeed a little ambiguous like that, but also a non-password enabled admin account as mentioned, will not let you do a number of things (which in turn results in a relatively hardened machine), but that's another long story with discussions best left to those who wish to contemplate the pros and cons of each.

True, but only if the company in question has chosen to do this.

One of my customers insisted their users could not remember 'complex' passwords with 8 or more characters. So in the end as I helped them define their domain wide group policies, they agreed to enable this nevertheless (primarily to enforce admins to maintain longer, complex passwords since they work in IT and should be able to remember them), but a few key users were then enabled with simple, 4 character minimum (groan) passwords via the fine grained password policies of their new 2008 R2 domain.

But yes, technically you'll find a minimum of 8 characters in just about any company out there (been the case with every single other company I've ever worked for/with).