Password must meet complexity requirementsID: oval:org.secpod.oval:def:22550 | Date: (C)2015-01-07 (M)2023-07-14 |
Class: COMPLIANCE | Family: windows |
This security setting determines whether passwords must meet complexity requirements.
If this policy is enabled, passwords must meet the following minimum requirements:
- Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
- Be at least six characters in length
- Contain characters from three of the following four categories:
- English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Base 10 digits (0 through 9)
- Non-alphabetic characters (for example, !, $, #, %)
- Complexity requirements are enforced when passwords are changed or created.
Default:
Enabled on domain controllers.
Disabled on stand-alone servers.
Note: By default, member computers follow the configuration of their domain controllers.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy!Password must meet complexity requirements
(2) WMI: root\rsop\computer#RSOP_SecuritySettingBoolean#Setting#KeyName = 'PasswordComplexity' And precedence=1
Platform: |
Microsoft Windows 8.1 |