,
The «Password must meet complexity requirements» policy setting in Server 2016, determines the minimum requirements when passwords are changed or created. The rules that are included in the Windows Server password complexity requirements are part of Passfilt.dll, and they cannot be directly modified.
By default in Server 2016, passwords must meet the following minimum requirements:
1. Passwords must not contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
2. Passwords must be at least seven characters in length.
3. Passwords must contain characters from three of the following four categories:
a. English uppercase characters (A through Z)
b. English lowercase characters (a through z)
c. Base 10 digits (0 through 9)
d. Non-alphabetic characters (for example, !, $, #, %)
This tutorial contains instructions on how to turn off the Password Complexity requirements on a Stand-Alone Server 2016 or in a Active Directory Domain Controller 2016.
How to Remove the Password Complexity requirements in Active Directory Server 2016 or a Stand Alone Server 2016.
Part 1. How to Disable Password Complexity requirements in Active Directory 2016.
Part 2. How to Disable Password Complexity requirements on a stand-alone Server 2016.
Part 1. How to Turn Off Password Complexity requirements in Active Directory Domain Server 2016.
To remove the password complexity in Active Directory 2016.
1. In Server 2016 AD Domain Controller, open the Server Manager and then from Tools menu, open the Group Policy Management. *
* Additionally, navigate to Control Panel -> Administrative Tools -> Group Policy Management.
2. Under Domains, select your domain and then right click at Default Domain Policy and choose Edit.
3. Then navigate to:
- Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies\Password Policy
4. At the right pane, double click at Password must meet complexity requirements.
5. Select Define this Policy setting: Disabled and then click OK.
6. Finally, open Command Prompt as Administrator and give the following command to update the group policy.
- gpupdate /force
Part 2. How to Turn Off Password Complexity requirements in a standalone Server 2016.
1. From Server Manager go to Tools and open Local Security Policy, or (additionally), go to Control Panel open Administrative Tools and then open the Local Security Policy.
2. Under Security settings, select Password Policy.
3. At the right pane, double click at Password must meet complexity requirements.
4. Select Disabled and then click OK.
5. Finally, open Command Prompt as Administrator and give the following command to update the group policy.
- gpupdate /force
That’s it! Let me know if this guide has helped you by leaving your comment about your experience. Please like and share this guide to help others.
If this article was useful for you, please consider supporting us by making a donation. Even $1 can a make a huge difference for us in our effort to continue to help others while keeping this site free:
- Author
- Recent Posts
Konstantinos is the founder and administrator of Wintips.org. Since 1995 he works and provides IT support as a computer and network expert to individuals and large companies. He is specialized in solving problems related to Windows or other Microsoft products (Windows Server, Office, Microsoft 365, etc.).
This security setting determines whether passwords must meet complexity requirements. Complexity requirements are enforced when passwords are changed or created.
If this policy is enabled, passwords must meet the following minimum requirements when they are changed or created:
Passwords must not contain the user’s entire Account Name value or entire display Name (Full Name) value. Both checks are not case sensitive.
In this tutorial, you will learn how you can disable the password complexity policy on Windows Server 2016.
Remove Password Complexity
1. Open Server Manager from the Start Menu.
2. Click on Tools, and then click on “Group Policy Management”.
3. Right-click of “Default Domain Policy” which it will be located under your domain name and click Edit.
4. Expand the policy Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy, just like the screenshot below.
5. From the right pane do a double-click on the policy named “Password Must Meet Complexity Requirements“.
6. Check on “Disabled” and then click Ok.
7. Close “Group Policy Management” and run CMD as Administrator.
8. Run the below command on your server and also on all the client’s computer so the changes can take effect.
gpupdate /force
9. If you followed our steps correctly you find the result of the CMD command just like the below screenshot.
Disable Password Complexity using PowerShell
1. Run PowerShell as Administrator from the Start Menu.
2. Copy & Paste the below command on the PowerShell window to disable password complexity.
secedit /export /cfg c:\secpol.cfg
(gc C:\secpol.cfg).replace("PasswordComplexity = 1", "PasswordComplexity = 0") | Out-File C:\secpol.cfg
secedit /configure /db c:\windows\security\local.sdb /cfg c:\secpol.cfg /areas SECURITYPOLICY
rm -force c:\secpol.cfg -confirm:$false
3. Now Password Complexity Policy is disabled successfully.
Summary
After this tutorial, you should be able to know how you can remove a password complexity policy on Windows Server 2016 through the “Group Policy Management” and also through PowerShell.
Disable Password Complexity Requirement On Windows Server Systems 2 Within this captivating image, a symphony of colors, textures, and forms unfolds, evoking a sense of wonder that resonates universally. Its timeless beauty and intricate details promise to inspire and captivate viewers from every corner of interest. This image, a harmonious blend of artistry and creativity, invites all to admire its captivating essence. A mesmerizing fusion of colors, textures, and shapes transcends niche boundaries, leaving an indelible mark on all who behold it.
How To Disable Password Complexity Requirements On Server 2016 Within this captivating image, an intricate tapestry of elements unfolds, resonating with a wide spectrum of interests and passions. Its timeless beauty and meticulous details invite viewers from diverse backgrounds to explore its captivating narrative. In this visually captivating image, intricate details and vibrant colors come together seamlessly. It’s a striking blend of artistry and creativity, making it universally appealing, no matter your niche or interest. The image effortlessly draws you in with its beauty and complexity, leaving a lasting impression. Within this captivating image, intricate details and vibrant colors come together seamlessly, creating a harmonious symphony for the eyes. Rich hues cascade like a waterfall, from deep indigos to sun-kissed oranges, inviting viewers from diverse niches to appreciate its timeless allure. This captivating tableau seamlessly bridges gaps between niches, offering a visual narrative that transcends specialized interests. Its exquisite blend of elements, from radiant hues to intricate textures, enchants all who encounter its timeless charm.
How To Disable Password Complexity Requirements On Server 2016 Within this captivating image, intricate details and vibrant colors come together seamlessly, creating a harmonious symphony for the eyes. Rich hues cascade like a waterfall, from deep indigos to sun-kissed oranges, inviting viewers from diverse niches to appreciate its timeless allure. This captivating tableau seamlessly bridges gaps between niches, offering a visual narrative that transcends specialized interests. Its exquisite blend of elements, from radiant hues to intricate textures, enchants all who encounter its timeless charm. In this remarkable image, a mesmerizing blend of elements coalesce to form a captivating visual experience that transcends niche boundaries. The interplay of light and shadow, vibrant colors, and intricate details creates an alluring composition that sparks curiosity and admiration. Whether you’re an art enthusiast, nature lover, or tech aficionado, this image enchants with its universal charm, inviting all to appreciate its undeniable allure. In this captivating tableau, a symphony of colors, textures, and shapes harmonizes to create a visual experience that transcends niche boundaries. Its enduring allure sparks wonder and appreciation across all interests and walks of life.
How To Disable Password Complexity Requirements On Server 2016 In this remarkable image, a mesmerizing blend of elements coalesce to form a captivating visual experience that transcends niche boundaries. The interplay of light and shadow, vibrant colors, and intricate details creates an alluring composition that sparks curiosity and admiration. Whether you’re an art enthusiast, nature lover, or tech aficionado, this image enchants with its universal charm, inviting all to appreciate its undeniable allure. In this captivating tableau, a symphony of colors, textures, and shapes harmonizes to create a visual experience that transcends niche boundaries. Its enduring allure sparks wonder and appreciation across all interests and walks of life.
What is Password Policy?
Password policy is the policy which is used to restrict some credentials on windows server 2016 and previous versions of Server 2012, 2008 and 2003.
A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy is often part of an organisation’s official regulations and may be taught as part of security awareness training. The password policy may either be advisory or mandated by technical means. Some governments have national authentication frameworks that define requirements for user authentication to government services, including requirements for passwords. So follow the under instructions to know how to configure password policy with windows server 2016. “Wikipedia”
How to Configure Password Policies with Windows Server 2016?
You can open up Group Policy Management Editor into three various ways.
First Method: press windows key and type control panel and now select administrative tools and then select local security policy. A new window will pop up, click account policies, Password Policy. Here you will see about six policies. If you don’t want to use the graphical way just type gpedit.msc on the RUN window then hit enter. Now go to this path. Computer Configuration/Windows Settings/Security Settings/Password Policy.
Local Group Policy Editor
Second Method: If you don’t want to use the graphical way just type gpedit.msc on the RUN window then hit enter. Now go to this path. Computer Configuration>Windows Settings>Security Settings>Password Policy.
Group Policy Editor
Third Method: Open Server Manager and click on Tools. Scroll down until you see the GPO (Group Policy Management). Right, click on the Domain then choose Edit. Now you will see the same window as before. Go to Computer Configuration> Windows Settings> Security Settings> Password Policy.
These were three different ways that you can apply password policy on the network computers.
What is Enforce Password History?
Enforce password history is the policy that doesn’t allow the users to use the same password for many times. For example, Once your Device password is Admin, and for the next time, you can’t use this password for login on your computer. After some months or year, it may expire. When it is expired, so you must use another password. Here I have set it to 10 times. It means that I can’t use my old password less than 10 times. In ten times, I must use a different password. After 10 times, I can use my first password. For more information, look at the chart below.
Enforce Password History rules
What is Maximum password Age?
This security setting determines the time in days that a password can be used before the system requires the user to change it. You can set passwords to expire after several days between 1 to 999, or you can specify that passwords never expire by setting the number of days to 0 if the maximum password age is between 1 and 999 days. The minimum password age must be less than the maximum password age if the maximum password age is set to 0. The minimum password age can be any value between 0 and 998 days.
Maximum Password Age
Note: It is a security best practice to have passwords expire every 30 to 90 days, depending on your environment. This way, an attacker has a limited amount of time to crack a user’s password and have access to your network resources.
What is the Minimum Password Age?
The minimum password age must be less than the maximum password age unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 to 998. It’s vital that you have to use the minimum password age. If you don’t use, the user may cycle the password history till they get their old favourite password. If you set the minimum password age, so they will not change their password quickly.
Minimum Password Age
What is the Minimum Password Length?
This is security setting determines the least number of characters that a password for a user account may contain. You can set a value of between 1 and 14 characters, or establish that no password is required by setting the number of characters to 0. Here I have set up to 8 characters. Mostly you see this policy on websites or social accounts.
Minimum Password Length
What are Password Complexity Requirements?
If this policy is enabled, passwords must meet the following minimum requirements.
- Be at least six characters in length
- Contain characters from three of the following four categories
- English uppercase letters (A through Z)
- English Lowercase letters (a through z)
- Base 10 digit (0 through 9)
- Non-alphabetic characters ( !,@,#,$,%&,*)
Password Must Meet Complexity Requirements
It’s beneficial and restricts vulnerabilities. You can see this policy when you create an Apple ID.
Store Passwords Using Reversible Encryption
This policy provides support for applications that use protocols that require knowledge of the user’s password for authentication purposes. Storing passwords using reversible encryption is essentially the same as storing plaintext versions of the passwords. For this reason, this policy should never be enabled unless application requirements outweigh the need to protect password information. I should tell you when you enabled this option; it will encrypt the password and no-one can access your password very easily.
Store Passwords Using Reversible Encryption
It was all about how to configure password policies with windows server 2016. It does not only work on windows server 2016 but also work on later versions. Thanks for being with us.
-
Lucas
-
April 15, 2017
Windows Server 2012 and 2016 have password security policies, which increases the complexity of their composition.
To disable password complexity in Windows Server 2012 / 2016, follow the steps below:
- Go to Administrative Tools > Local Security Policies.
- Then click on Account Policies > Password Policies.
- Disable the option“Password must meet complexity requirements“, that’s it!