search
Request a quote for supportDownloads

Get-PasswordFilterResult

hashtag
SYNOPSIS

Processes a password through the password filter and gets the result of the policy

hashtag
SYNTAX

hashtag
String (Default)

Get-PasswordFilterResult [-Password] <String> [-Username] <String> [-Fullname] <String>
 [[-IsSetOperation] <Boolean>] [<CommonParameters>]

hashtag
SecureString

Get-PasswordFilterResult [-SecurePassword] <SecureString> [-Username] <String> [-Fullname] <String>
 [[-IsSetOperation] <Boolean>] [<CommonParameters>]

hashtag
DESCRIPTION

The Get-PasswordFilterResult cmdlet allows you to programmatically test passwords against your password policy.

This cmdlet does not attempt to change the user's password, nor does it contact the domain controller. Use of this cmdlet requires that the group policy for the password filter is configured and applied to the computer you are running the cmdlet on. The password filter does not need to be configured to filter passwords on the local computer, but the policy needs to be in place.

hashtag
EXAMPLES

hashtag
Example 1

These examples show two password filter operations that are rejected for different reasons.

hashtag
Example 2

Prompts for a password and username and then tests the password against the password filter.

hashtag
PARAMETERS

hashtag
-Fullname

The full display name of the user

hashtag
-IsSetOperation

Specifies if the password should be tested as a set operation. By default it is tested as a change operation.

hashtag
-Password

The password to test

hashtag
-SecurePassword

A secure string representation of the password to test

hashtag
-Username

The users account name

hashtag
CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParametersarrow-up-right.

hashtag
INPUTS

hashtag
System.String

hashtag
System.Security.SecureString

hashtag
OUTPUTS

hashtag
Lithnet.ActiveDirectory.PasswordProtection.PasswordTestResult

The cmdlet will return one of the following values

String value
Description

Approved

The password was approved by the filter

LengthRequirementsNotMet

The password did not meet the minimum length requirements

ComplexityThresholdNotMet

The password did not meet the complexity requirements for a password of the given length

ComplexityPointsNotMet

The password did not meet the minimum number of complexity points

DidNotMatchApprovalRegex

The password did not match the regular expression required for approval

MatchedRejectRegex

The password did matched the rejection regular expression

ContainsAccountName

The password contained the user's account name

ContainsFullName

The password contained all or part of the user's full name

Compromised

The password was found in the compromised password store

CompromisedNormalizedPassword

The password was found in the compromised password store after the normalization rules were applied

BannedNormalizedWord

The password was found in the banned word store after the normalization rules were applied

PasswordWasBlank

The password was an empty string

FilterError

An exception occurred in the filter engine and the password could not be processed

hashtag
NOTES

hashtag
RELATED LINKS

Normalization rulesarrow-up-right

PreviousGet-PasswordFilterPolicyNextImport-BannedWordHashes

Last updated