Password must meet complexity requirements

Information

Password must meet complexity requirements

This security setting determines whether passwords must meet complexity requirements.

If this policy is enabled, passwords must meet the following minimum requirements:

Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
Be at least six characters in length
Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
Complexity requirements are enforced when passwords are changed or created.

Default:

Enabled on domain controllers.
Disabled on stand-alone servers.

Note: By default, member computers follow the configuration of their domain controllers.

Solution

Policy Path: Password Policy
Policy Setting Name: Password must meet complexity requirements

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-for-windows-10-v1809-and-windows-server/ba-p/701082/

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a)

Plugin: Windows

Control ID: bf096388e8a6ee04f03005358a014edcad075d052fd94596e9f7e08362e21bda