WinSecWiki > Security Settings > Account Policies > Password Policy > Complexity Requirements

Password must meet complexity requirements

If you enable this control, passwords must:

Not contain the users account name
Exceeded six characters in length regardless of the minimum password length control
Contain at least one character from at least three of four sets of characters:
A through Z
a through z
0 through 9
Symbols such!@#$%^&*

So-called complex passwords include Password1 and abc123$.

This control also is the source of many arguments. See my thoughts under “In my opinion” at the above level.

Bottom line

I recommend enabling this policy.

Upcoming Webinars

Additional Resources

Password Policy

•	Maximum Age
•	Password Settings Object
•	Minimum Age
•	Minimum Length
•	Complexity Requirements
•	Reversible Encryption

User name:
Password:
	/ Forgot?
	Register

April 2025 Patch Tuesday	"Patch Tuesday - One Zero Day! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2025 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.