This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 10%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
Users should use complex passwords. This is specified by GPO. Is it possible to see if users already use a complex password?
Answer accepted by question author
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Hi,
If you the user has changed his password after the modification of password policy , he doesn't have to change it again because it alreday respect the password complexity applied by the password policy.
You can know the date of last password change of the attribut Pwdlastset and the date.
Please don't forget to mark this reply as answer if it help you to fix your issue
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
point is that users may already have complex passwords
There's no method for you to know this though. Complexity is checked at time of creation. There's no process to recheck them.
--please don't forget to Accept as answer if the reply is helpful--
Thanks for the answers.
However, the point is that users may already have complex passwords, and therefore should not be forced to change a password again if it is already complex.
Hi,
Users should use complex passwords. This is specified by GPO. Is it possible to see if users already use a complex password?
When you apply new policy , to be sure that all users are used a password with new policy , you have to force them to change the password at the next logon.
Set-ADUser -Identity $sAMAccountName -ChangePasswordAtLogon $True
Please don't foget to mark this reply as answer if it help you to fix your issue
Simplest solution may be to force a password change after you modify the complexity.
https://social.technet.microsoft.com/Forums/en-US/ab34cdf2-8038-4bd1-b876-39ee267e1475/powershell-script-to-force-a-list-of-active-directory-domain-user-to-change-password-at-next-logon?forum=winserverpowershell
--please don't forget to Accept as answer if the reply is helpful--
Hi,
As DSPatrick said it is the most effective way to force a password change after you modify the complexity due to the security reason.
And if you also define the Password age also in the GPO, it will be forced to change the password and meet the complex policy .
Best Regards,