The security of your Windows user account is only as good as the password that's used to protect it. If it's based on commonly used or easy-to-guess words, or contains some sort of personal entries, such as part of your full name and date of birth, it's like leaving the key under the mat in your own home: an open invitation for anyone to gain access. As such, in this tutorial, I will show you how to set a password complexity requirement for user accounts.
Before I make a start, here's what I'm referring to. The local user account password in Windows 10 (and below) is simply used to prevent unauthorized access to the PC on which it's created. Once applied, this means that every time you reboot your system, switch users or log off & log on, a password is required to access the Windows environment.
At the time of this article, there is no complexity requirement when adding a password to a given local user account. For instance, I've just created an account with a password of 1234. How easily can this be cracked, either by guessing or via automated tools? Enough said!
As a result, I will demonstrate how to set a password complexity requirement, whereby users will be forced to meet the following minimum requirements when passwords are created or changed.
- Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
- Be at least six characters in length
- Contain characters from three of the following four categories:
  - English uppercase characters (A through Z)
  - English lowercase characters (a through z)
  - Base 10 digits (0 through 9)
  - Non-alphabetic characters (for example, !, $, #, %)
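The requirements listed above can be expressed as a small checker, handy for testing candidate passwords before enforcing the policy. This is an added Python example, not part of the original tutorial and not Windows' own code; the delimiter set used to split the full name and the use of ASCII punctuation for the fourth category are assumptions.

```python
import re
import string

# Assumption: the full name is split on these delimiters before matching.
NAME_DELIMS = r"[,.\-_ #\t]+"
# Assumption: ASCII punctuation stands in for "non-alphabetic characters".
SYMBOLS = set(string.punctuation)

def char_categories(password):
    """Return which of the four listed character categories are present."""
    found = set()
    for ch in password:
        if ch in string.ascii_uppercase:
            found.add("upper")
        elif ch in string.ascii_lowercase:
            found.add("lower")
        elif ch in string.digits:
            found.add("digit")
        elif ch in SYMBOLS:
            found.add("symbol")
    return found

def name_hits(password, account_name, full_name):
    """Return name parts longer than two characters found in the password."""
    lowered = password.lower()
    parts = [account_name] + re.split(NAME_DELIMS, full_name)
    return [p for p in parts if len(p) > 2 and p.lower() in lowered]

def check_password(password, account_name="", full_name=""):
    """Return the rules the password fails; an empty list means it passes."""
    failures = []
    if len(password) < 6:
        failures.append("length")
    if len(char_categories(password)) < 3:
        failures.append("categories")
    if name_hits(password, account_name, full_name):
        failures.append("name")
    return failures

if __name__ == "__main__":
    # Constructed sample accounts and passwords, for illustration only.
    samples = [
        ("1234", "Windows 10 Tips", "Windows 10 Tips"),
        ("abcdef", "jsmith", "John Smith"),
        ("JohnS#2024", "jsmith", "John Smith"),
        ("Vx7!qTb2", "jsmith", "John Smith"),
    ]
    for pw, acct, full in samples:
        print(f"{pw!r:14} fails: {check_password(pw, acct, full) or 'nothing'}")
```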
To do this, I will use the good old Group Policy Editor, which is only available in Windows 10 Pro, Education and Enterprise editions. If you're running any of these, then this tutorial is for you. So without further delay, let's get this started.
Step One: To access the Group Policy Editor, open the Run menu, enter gpedit.msc and hit OK.
Step Two: The Group Policy Editor will now open, so navigate to the following path.
Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy
Make sure Password Policy is selected and on the right pane, double-click Password must meet complexity requirements.
Step Three: Next, select the Enabled radio button and then hit OK to finalize the process.
Step Four: The password complexity requirement has now been applied to all current accounts (when changing the password), and when creating new local user accounts. Let's put this to the test by creating a new account. I've opened Windows Settings > Accounts > Family & other users and to the right of the window, I've hit Add someone else to this PC.
Step Five: I've named my account Windows 10 Tips, and in the Make it secure fields, I've entered and confirmed my password, namely 1234. Obviously this doesn't meet the minimum requirements. Let's see what happens when I hit Next.
Last Step: As expected, an error message has been returned, indicating that the password does not meet the complexity requirements. Perfect!
Final Thoughts: I'd say it's safe to assume that you're now well aware of the importance of setting a complex password on any local user account on your computer. The good thing about this implementation is that it forces users to apply complex passwords, and unless they comply with the requirements, the password cannot be created or changed (for existing accounts).
To reverse the change and remove the complexity requirement, simply refer to Step Three above, select the Disabled radio button and hit OK.