How to Enforce Password Rules on Users in Windows

If you are a Windows administrator managing multiple user accounts or computers, then you may want to enforce password rules like the complexity and maximum age to keep the computers safe from weak passwords. Using strong passwords and changing them once in a while, if not frequently, is one way to protect the system integrity. In fact, most online and offline accounts enforce these kinds of password rules to keep their users and information safe. You can do the same for your Windows machine using the deeply buried system configuration settings. So, if you ever need to, here is how you can enforce password rules on users in a Windows system.

To enforce password rules on Windows users, we are going to use the Windows Group Policy Editor. To start, press “Win + R”, type gpedit.msc and press the Enter button to open the Group Policy Editor.


Here, navigate to the following policy in the Group Policy Editor.

Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy


In this window you can set different password rules such as complexity, age and storage. If you want the user's password to meet the password complexity rules, find and double-click on the policy “Password must meet complexity requirements.”


The above action will open the Password Complexity configuration window. Select the radio button “Enabled” and click on the “OK” button to save the changes.


If you want to know what complexity rules are being applied, click on the “Explain” tab to see the rules. Unfortunately, you cannot set your own password complexity rules.


By default, setting the password complexity rule mandates that the password be at least six characters long. If you want to increase the length of the password, double-click on the policy “Minimum Password Length” in the same window, enter the required length and click the “OK” button to save the changes. The recommended password length is at least twelve characters (personally, I used a minimum of 20 characters for all my passwords, though that may be too long for many users).


Besides setting the password complexity and minimum length rules, you can also configure your Windows system to force users to change their password after a pre-defined number of days. To do that, find and double-click on the policy “Maximum Password Age,” enter the maximum number of days and click on the “OK” button to save the changes. The recommended maximum password age is between 30 and 90 days.


If you want to restrict users from reusing their previous passwords, you can configure Windows to remember a pre-defined number of old passwords. To do that, double-click on the policy “Enforce Password History,” enter the number of passwords you want Windows to store in its history and click on the “OK” button to save the changes.

The value entered should be between 0 and 24, i.e. Windows can only store a maximum of 24 passwords in the history.
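
To confirm that the settings above took effect, the following PowerShell script (an added example, not part of the original article) parses the [System Access] section that secedit exports and compares it with the values recommended here. The embedded sample policy is constructed, and requiring a non-zero password history is an assumption, since the article gives no recommended number. Run it with -Live from an elevated prompt to check the real machine.

```powershell
# Added example: audit the local password policy against this article's recommendations.
param([switch]$Live)   # -Live exports the real local policy (needs an elevated prompt)

# Constructed sample of what "secedit /export" writes for the password policy.
$sample = @'
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 7
PasswordComplexity = 0
PasswordHistorySize = 0
'@

function Get-PolicyText {
    if (-not $Live) { return $sample -split "`r?`n" }
    $tmp = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit /export /cfg $tmp /areas SECURITYPOLICY | Out-Null
        if ($LASTEXITCODE -ne 0) { throw 'secedit export failed; run from an elevated prompt.' }
        return Get-Content -Path $tmp
    } finally {
        Remove-Item -Path $tmp -ErrorAction SilentlyContinue
    }
}

function ConvertFrom-SystemAccess([string[]]$Lines) {
    # Collect "Key = <integer>" pairs from the [System Access] section only.
    $values = @{}; $inSection = $false
    foreach ($line in $Lines) {
        if ($line -match '^\s*\[(.+)\]\s*$') { $inSection = ($Matches[1] -eq 'System Access'); continue }
        if ($inSection -and $line -match '^\s*(\w+)\s*=\s*(-?\d+)\s*$') { $values[$Matches[1]] = [int]$Matches[2] }
    }
    return $values
}

$policy = ConvertFrom-SystemAccess (Get-PolicyText)
$checks = @(
    @{ Policy = 'Password must meet complexity requirements'; Key = 'PasswordComplexity';    Want = '1 (Enabled)'; Ok = { param($v) $v -eq 1 } }
    @{ Policy = 'Minimum Password Length';                    Key = 'MinimumPasswordLength'; Want = '12 or more';  Ok = { param($v) $v -ge 12 } }
    @{ Policy = 'Maximum Password Age';                       Key = 'MaximumPasswordAge';    Want = '30 to 90';    Ok = { param($v) $v -ge 30 -and $v -le 90 } }
    # Assumption: any non-zero history counts as enforced (the valid range is 0 to 24).
    @{ Policy = 'Enforce Password History';                   Key = 'PasswordHistorySize';   Want = '1 to 24';     Ok = { param($v) $v -ge 1 -and $v -le 24 } }
)
$checks | ForEach-Object {
    $v = $policy[$_.Key]   # $null when the key is missing from the export
    [pscustomobject]@{ Policy = $_.Policy; Value = $v; Recommended = $_.Want
                       Pass = ($null -ne $v) -and [bool](& $_.Ok $v) }
} | Format-Table -AutoSize
```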


That’s all there is to do, and it is that simple to enforce password rules on a Windows system. With the above simple rules, you can make your Windows computer more secure and safe from weak passwords.
