Password complexity requirements explained

Policy: Password must meet complexity requirements

 

This security setting determines whether passwords must meet complexity requirements.

 

If this policy is enabled, passwords must meet the following minimum requirements:

 

  • Not contain the user’s account name or parts of the user’s full name that exceed two consecutive characters
  • Be at least six characters in length
  • Contain characters from three of the following four categories:
  • English uppercase characters (A through Z)
  • English lowercase characters (a through z)
  • Base 10 digits (0 through 9)
  • Non-alphabetic characters (for example, !, $, #, %)

Complexity requirements are enforced when passwords are changed or created.