We've found that when user's have some characters in their password (@, ?, or /) they cause issues logging into one of our third party applications that verifies against the users' AD credentials.  It doesn't look like the "Disallow the use of these patterns" feature is designed to prevent users having certain single characters in their passwords but, in my brief testing, it seems to work fine.

Are there any issues I should be aware of? Obviously I'll need to ensure that the custom rules I configure will need to meet the AD Password Policies but otherwise is there anything else I need to consider?

Cameron