This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 69%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETR%3C/text%3E%3C/svg%3E)
I am new to SSPR. I use Azure AD Connect to synchronize users from On-Prem AD to Azure. That has been working for years. I am setting SSPR up for our school and have gotten to the point where I am testing my first user. During SSPR setup, I require registration and two forms of verification to make the change. SSPR takes me through both verification stages and allows me to get to the screen where I am typing in and verifying my new password and when I hit "OK", it says:
"This password does not meet the length, complexity, age, or history requirements of your corporate password policy."
It is my understanding that On-Prem AD policies override Azure password policies. I have changed the account password in On-Prem AD to the same password that I have been trying to change it to in SSPR and it takes it just fine. I am going through online troubleshooting ideas, but I don't know why SSPR is saying that it doesn't meet the policy requirements.
Thanks in advance for your help.
@Tim Reynolds
Thank you for following up on this!
I believe @Anonymous was referring to - if the minimum password age was set to "14" (days) for example, the GPO setting will prevent you from changing the user's password before the 14-day mark, which is why you would receive "This password does not meet the length...". However, since your minimum password age is set to 0 (which is correct), this shouldn't be the reason why SSPR failed. For more info.
From the error and since password Age isn't an issue, can you make sure the new password you tried to set meets your corporate password policy for length, complexity, and history?
Additional Links:
Password Policy
Password must meet complexity requirements
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
The normal gotcha for this that I've seen is age - is there a GPO setting that specifies a minimum age of a password? If it's set, it will stop successive password changes within a certain time period. If you are administratively changing it (vs the user changing it), or if the user object is flagged as "Change password on next login" in AD, the minimum age requirement will be ignored, which may lead to any inconsistency you're observing.
@Tim Reynolds
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
I wanted to add some information regarding the answer below:
I do have an on-prem Default Domain Policy with a minimum password age set to "0" and a maximum age at "180". Do I set the miniumum to something else?
In addition, I remember two passwords, complexity is required, password length is 8. I have the setting for "Store passwords using reversible encryption" as disabled.
Thanks!
IIt is still not resolved.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 28.000000000000004%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPE%3C/text%3E%3C/svg%3E)
Hello
Have you had any progress with this problem? I'm in the same situation.