Allow Long Passwords
If your application collects passwords to use with Windows authentication, do not hard-code the password size to 14 characters. Versions of Windows prior to Windows 2000 allowed 14-character passwords. Windows 2000 and later supports passwords up to 127 characters long. The best solution for dealing with passwords in Windows XP is to use the Stored User Names And Passwords functionality described in Chapter 7, Storing Secrets.