Last updated on May 28th, 2019
The "Password must meet complexity requirements" policy setting in Server 2016, determines the minimum requirements when passwords are changed or created. The rules that are included in the Windows Server password complexity requirements are part of Passfilt.dll, and they cannot be directly modified.
By default in Server 2016, passwords must meet the following minimum requirements:
1. Passwords must not contain the user's account name or parts of the user's full name that exceed two consecutive characters.
2. Passwords must be at least seven characters in length.
3. Passwords must contain characters from three of the following four categories:
a. English uppercase characters (A through Z)
b. English lowercase characters (a through z)
c. Base 10 digits (0 through 9)
d. Non-alphabetic characters (for example, !, $, #, %)
This tutorial contains instructions on how to turn off the Password Complexity requirements on a Stand-Alone Server 2016 or in a Active Directory Domain Controller 2016.
How to Remove the Password Complexity requirements in Active Directory Server 2016 or a Stand Alone Server 2016.
Part 1. How to Turn Off Password Complexity requirements in Active Directory Domain Server 2016.
To remove the password complexity in Active Directory 2016.
1. In Server 2016 AD Domain Controller, open the Server Manager and then from Tools menu, open the Group Policy Management. *
* Additionally, navigate to Control Panel -> Administrative Tools -> Group Policy Management.
2. Under Domains, select your domain and then right click at Default Domain Policy and choose Edit.
3. Then navigate to:
- Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies\Password Policy
4. At the right pane, double click at Password must meet complexity requirements.
5. Select Define this Policy setting: Disabled and then click OK.
6. Finally, open Command Prompt as Administrator and give the following command to update the group policy.
- gpupdate /force
Part 2. How to Turn Off Password Complexity requirements in a standalone Server 2016.
1. From Server Manager go to Tools and open Local Security Policy, or (additionally), go to Control Panel open Administrative Tools and then open the Local Security Policy.
2. Under Security settings, select Password Policy.
3. At the right pane, double click at Password must meet complexity requirements.
4. Select Disabled and then click OK.
5. Finally, open Command Prompt as Administrator and give the following command to update the group policy.
- gpupdate /force
That’s it! Let me know if this guide has helped you by leaving your comment about your experience. Please like and share this guide to help others.