How Do I Set a Proper Password Complexity Policy in a Windows OS?

A proper password complexity policy would be: eight characters for the length of a password and at least three types of the following characters used: uppercase letters, lowercase letters, digits, and special characters.

Perform the following steps to set a local security policy:

Log in to the OS as the user Administrator. Choose Start > Control Panel > System and Security > Administrative Tools. In the Administrative Tools folder, double-click Local Security Policy.

Alternatively, click Start and type secpol.msc in the Search programs and files box.
Choose Account Policies > Password Policy and perform the following operations.
- Double-click Password must meet complexity requirements, select Enable, and click OK to enable the policy.
- Double-click Minimum password length, enter the length (greater than or equal to 8), and click OK to set the policy.
Run the gpupdate command to refresh your system settings. After the refresh succeeded, the settings will take effect in the system.

Parent topic: Unsafe Settings

Unsafe Settings FAQs

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with GUI

Incorrect steps

Lack of examples

Missing parameter descriptions

Unclear descriptions

Function issues

Other

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot

more