When you try to change your password on a Microsoft Windows XP Professional-based computer, you may receive an error message that is similar to the following:
Your password must be at least number characters; cannot repeat your previous number passwords; must contain capitals, numerals or punctuation; and cannot contain your account or full name. Please type a different password. Type a password which meets these requirements in both text boxes.
You receive this error message even though the new password that you are using complies with the restrictions that are described in the error message. For example, the new password meets the following requirements:
It uses the correct number of characters.
It does not repeat a previous password.
It contains uppercase characters (capitals), numerals, or punctuation marks.
It does not contain your account name or your full name.
This issue may occur if you try to change your password for a second time within the time period that is dictated by the Minimum Password Age Group Policy security setting. The age of the current password must be greater than the minimum password age, as dictated by the Group Policy security setting.
The error message that is described in the "Symptoms" section is misleading because it does not mention this requirement.
Service pack information
To resolve this problem, obtain the latest service pack for Windows XP. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
322389 How to obtain the latest Windows XP service pack
A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.
The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Date Time Version Size File name --------------------------------------------------------- 31-Oct-2003 01:27 5.1.2600.1316 970,240 Msgina.dll
After you apply this hotfix, and then you try to change your password for a second time within the time period that is dictated by the Minimum Password Age Group Policy security setting, you receive an error message that is similar to the following instead of the error message that is described in the "Symptoms" section:
Your password must be at least number characters; cannot repeat your previous number passwords; must be at least number days old; must contain capitals, numerals or punctuation; and cannot contain your account or full name. Please type a different password. Type a password which meets these requirements in both text boxes.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Microsoft Windows XP Service Pack 2.
The Minimum Password Age Group Policy setting determines the period (in days) that a password must be used before the user can change it. You (as administrator) can set a value of 1 to 998 days, or you can permit changes immediately by setting the value to 0 days.
The minimum password age must be less than the maximum password age, unless the maximum password age is set to 0 (a setting of 0 indicates that the password will never expire). If the maximum password age is set to 0, the minimum password age can be set to any value in the 0 to 998 range.
Set the minimum password age to a value of greater than 0 if you want the Enforce Password History Group Policy setting to be effective. If you do not do so, users can cycle through passwords repeatedly until they return to an old favorite.
By default, the Minimum Password Age Group Policy security setting is 0 days. This default setting permits an administrator to specify a password for a user and then to require the user to change the administrator-defined password when the user logs on. If you (as the administrator) configure the Minimum Password Age Group Policy security setting to 1 day or longer, and you set a user's password without selecting the User must change password at next logon option, users cannot log on and change their passwords until the Minimum Password Age time limit expires.
By default, Enforce Password History is set to 1 day on domain controllers and to 0 days on stand-alone servers. By default, member computers follow the configuration of their domain controllers.
To configure the Minimum Password Age setting, open the appropriate policy, and then expand the following console tree: