Password Complexity Requirements is'nt working.

Raul Chiarella 21 Reputation points
2022-01-17T17:03:37.853+00:00

Hello!

On my DC (Domain Controller) the Policy that enables "Password Complexity" is activated.
But for some unknown reason that i have no idea why it is not working...

When i try to CTRL + ALT + DEL and change a password of any user that belongs to my Active Directory, even if the the password meets the requirements here at this doc: https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements i get the message that says my password does not meet the minimum requirements of Password Complexity...

Yes.

I tried Pass!2022@, pass#2022, Pass2000.

All of them returns the same error! That the passwords does not meet the minimum requirement...

This is looking a lot like a bug to me! Very weird.

Can someone help me?

Windows for business Windows Client for IT Pros Directory services Active Directory
Windows for business Windows Server Devices and deployment Configure application groups
Windows for business Windows Client for IT Pros User experience Other
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Domagoj Novak 586 Reputation points
    2022-01-17T19:05:54.423+00:00

    Hello @Raul Chiarella ,

    can you provide the output of PowerShell command "Get-ADDefaultDomainPasswordPolicy" from your DC?

    Also, out of the three passwords you provided, only 1st one should've worked in the first place since the other two don't meet complexity requirements (missing uppercase; missing special character).

    Kind regards,
    Domagoj


  2. Thameur-BOURBITA 36,261 Reputation points Moderator
    2022-01-18T02:22:35.583+00:00

    Hi,

    Check the settings of password policy applied on your account by the following Powershell commands :

    This command let you check the settings of default password policy :
    Get-ADDefaultDomainPasswordPolicy -Current LoggedOnUser

    or
    This command let you check the settings of password policy in case of a FGPP is applied on your account :
    Get-ADUserResultantPasswordPolicy -identity UserName

    Please don't forget to mark helpful reply as answer

    0 comments No comments

  3. Limitless Technology 39,916 Reputation points
    2022-01-18T08:56:24.627+00:00

    Hello RaulChiarella

    There are other factors involved in password complexity and not only the character diversity.

    for example if you run the command NET ACCOUNTS, you will see other factors:

    Force user logoff how long after time expires?:
    Minimum password age (days):
    Maximum password age (days):
    Minimum password length:
    Length of password history maintained:
    Lockout threshold:
    Lockout duration (minutes):
    Lockout observation window (minutes):

    Usually when doing tests the suspect will be the Minimum Password Age, as in you can't change again your password before X days.


    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.