Password must meet complexity requirements
|ID: oval:gov.nist.usgcb.windowsseven:def:8||Date: (C)2012-04-13 (M)2018-03-15|
|Class: COMPLIANCE||Family: windows|
This security setting determines whether passwords must meet complexity requirements.
If this policy is enabled, passwords must meet the following minimum requirements:
Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
Be at least six characters in length
Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
Complexity requirements are enforced when passwords are changed or created.
Enabled on domain controllers.
Disabled on stand-alone servers.
Note: By default, member computers follow the configuration of their domain controllers.
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Password must meet complexity requirements
(2) REG: INFO NOT AVAILABLE
|Microsoft Windows 7|