AD Password Requirement

Taylor Hempy updated May 5, 2010 at 7:58 PM

Password must meet complexity requirements This security setting determines whether passwords must meet complexity requirements.

If this policy is enabled, passwords must meet the following minimum requirements:

Not contain the user's account name or parts of the user's full name that exceed two consecutive characters.

Be at least six characters in length.

Contain characters from three of the following four categories:

  1. English uppercase characters (A through Z)
  2. English lowercase characters (a through z)
  3. Base 10 digits (0 through 9)
  4. Non-alphabetic characters (for example, !, $, #, %)

Complexity requirements are enforced when passwords are changed or created.

Default: Enabled on domain controllers. Disabled on stand-alone servers.