What a user sees when a password is rejected all depends on if you're using the Enzoic Workstation Client or not.
If you are not using the Enzoic Workstation Client, then the user is given the standard Windows message that a password does not pass domain policies (e.g.“The value provided for the new password does not meet the length, complexity, or history requirements of the domain”). If the change request has come from a third-party service (e.g. IAM platform), that service also receives the standard Windows notification and displays accordingly.
However, with that said, we do have an optional tool called the Enzoic Workstation Client that provides hints both during the password reset process and after a password rejection. This client needs to be installed locally on the workstation and acts like a credential provider. Once installed and configured, it will pull from the user's AD and Enzoic policy and provide hints to assist with password changes. For more information see the Client Setup Instructions in our Enzoic Tech Docs.
This is what a user will see during a password change attempt with the Enzoic Workstation Client enabled:
Here are a few examples of what an end user can expect to see if their password attempt is rejected:
All Rejection Options:
- In a cracking dictionary/Known bad - Users will see: "Is known to be compromised"
- Fuzzy password matching - Users will see: "Is too similar to a known, compromised password"
- Root password matched on a banned list - Users will see: "Is too similar to a known, compromised password"
- Password contains user's first or last name - Users will see: "Contains your first or last name"
- Password contains user’s login name - Users will see: "Contains your Windows username"
- Password contains users email address - Users will see: "Contains your email address"
- Password has too many repeating characters or more than “X” repeating characters - Users will see: "Contains too many repeating characters"
- Password is too similar to your previous password - Users will see: “Is too similar to your current password"
- Password matches custom dictionary - Users will see: "Contains a term your administrators have blocked"