Share via

Windows AD password complexity to require 4 character types

justin formosa 0 Reputation points
2023-12-21T14:20:20.4933333+00:00

My organization would like to enforce the requirement of 4 character types when changing passwords. We have complexity set in our fine grained password policy (which only enforces 3 types). Is there a setting in GPO to enforce 4? or is the only way with a 3rd-party solution?

Windows for business Windows Client for IT Pros Directory services Active Directory
Windows for business Windows Client for IT Pros User experience Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Thameur-BOURBITA 36,261 Reputation points Moderator
    2023-12-21T14:39:03.6+00:00

    Hi @Justin Formosa

    Unfortunately no. in GPO you have also this option Passwords must meet complexity requirements to force 3 character types as mentioned in the link below:

    Password must meet complexity requirements

    You should explain to your organisation that's not possible and that you can force only 3 character types through active directory feature (GPO and fine grained password policy).

    Please don't forget to accept helpful answer

  2. Anonymous
    2023-12-22T02:08:33.8466667+00:00

    Hello justin formosa,

    Thank you for posting in Q&A forum.

    I agree with Thameur-BOURBITA.

    I originally thought that maybe the Custom Password Filter would do what you wanted, but after my query, I found that it doesn't work either.

    https://learn.microsoft.com/en-us/windows/win32/secmgmt/strong-password-enforcement-and-passfilt-dll

    I hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.