Windows password must meet certain password guidelines – increase security

The use of strong passwords is becoming increasingly important. For this reason, it is important that the user with a hard-to-guess combination of

  • lowercase letters
  • Capital letter
  • numbers
  • special character

used for his password. The length of the password also plays a role, of course, because the longer a password , the longer it takes to crack passwords. Furthermore, the user should avoid consecutive numbers , car registration numbers , dates of birth , names , etc.

Microsoft has provided its own security policy for this complexity of passwords , which forces Windows users to choose their password in a certain complexity. Simple passwords are then no longer permitted. This security policy should be activated to increase the security of the Windows installation.

You can find this password security policy in the editor of the local security policy


in the area

Security settings / password policies

The exact name of the directive is:

Password must meet complexity requirements

Password must meet complexity requirements

If you ” activate ” this Windows security guideline, the password of the user must comply with the following guideline.

The password cannot contain the user’s account name or more than two characters that appear consecutively in the user’s full name.
The password must be at least six characters long.
The password must contain characters from three of the following categories:
Upper case letters (A to Z)
Lower case letters (a to z)
Base numbers 10 (0 to 9)
Non-alphabetical characters (for example!, $, #,%)
The complexity requirements are enforced when passwords are changed or created.

Default value:

Enabled on domain controllers.
Disabled on standalone servers.

Note: By default, member computers use the configuration of their domain controllers.

As already mentioned, these Windows password security settings are only applicable for local Windows PCs. For all Windows PCs that are in a network with a Windows domain controller, this policy is activated by default and does not have to be activated separately.

However, for security reasons we advise all standalone PC users to activate this policy.

You can also find more articles on the Windows password here.

– Activate the password history under Windows – Prevent the use of the same passwords over and over again
– Change the Windows password for Windows 10
– Set the minimum password length for Windows
– Lock and restart the computer after entering the wrong password several times
– Automatically lock Windows after invalid logins
– Create or change password security questions for Windows 10
– Manage, edit or delete saved passwords in the Edge Browser
– Hide the button for displaying the Windows password in Windows 10
– Delete cookies, form data and passwords in the Edge Browser
– Deactivate Windows 10 password query on Surface after pressing the Power button
– WLAN password display in plain text via DOS command
– reset Windows password of a Hyper-V VM
– reset administrator password