Share via

EnableLUA and RelaxMinimumPasswordLengthLimits

Anonymous
2024-08-23T19:04:46+00:00

Good afternoon, can I get clarify why 4,0 is used?

MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA=4,0
MACHINE\System\CurrentControlSet\Control\SAM\RelaxMinimumPasswordLengthLimits=4,0

Windows Server Identity and access

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-08-26T06:30:11+00:00

    Hi NavinLX,

    Thank you for posting in the Microsoft Community Forums.

    In Windows, EnableLUA and RelaxMinimumPasswordLengthLimits are two settings that are located in different registry entries, each of which serves a different purpose and does not usually appear as a combination of “4,0”. Below I will explain each of these settings and clear up any possible misunderstandings.

    EnableLUA

    Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA

    Function: EnableLUA (Lua for Local User Account) sets the level of User Account Control (UAC) used to control the Windows system. When the value of EnableLUA is 1, UAC is enabled, which means that changes to important parts of the system (such as installing software or changing system settings) will require administrator privileges, and an elevation of privileges dialog box may be displayed. When the value of EnableLUA is 0, UAC is disabled, which means that most operations will be performed with the current user's privileges without additional confirmation.

    Misunderstanding about “4,0”: EnableLUA is usually set to 0 (disable UAC) or 1 (enable UAC), not “4,0”. If you see a value like “4,0” somewhere, it's probably a misunderstanding or an error.

    RelaxMinimumPasswordLengthLimits

    Location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SAM\RelaxMinimumPasswordLengthLimits

    Note: Please note that in newer versions of Windows, the paths may be slightly different, e.g. using MACHINE\System\CurrentControlSet\Control\SAM\ directly instead of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\Lsa\SAM.

    Purpose: The RelaxMinimumPasswordLengthLimits setting is used to control whether or not Windows relaxes the restriction on the minimum length of passwords. When this setting is enabled (with a value of 1), Windows will allow password lengths less than the minimum password length set through Group Policy (if set). This is primarily used for backward compatibility with applications or services that do not support longer passwords. When this setting is disabled (value 0), Windows will enforce the minimum password length set via Group Policy.

    Misunderstanding about “4,0”: Similarly, RelaxMinimumPasswordLengthLimits is usually set to 0 (to disable relaxation of the limit) or 1 (to enable relaxation of the limit), not “4,0”.

    Best regards

    Neuvi

    0 comments