Friday, January 11, 2013

Edit The Password Policy on Windows Server 2008 R2

How to edit the password policy on Windows Server 2008 R2 with Active Directory

When setting up a new Windows Server 2008 server either with or without Active Directory you will discover that it has a rather strong policy for passwords.  If you are setting this up at home or in a small business environment and don't want to deal with the complex passwords that are required to meet the policy guidelines, you can edit the policy to disable the complexity requirements.  You can try going to a command prompt and typing 'gpedit.msc' then navigating to Computer Settings\Windows Settings\Security Settings\Account Policies\Password Policy\ section.
Here you will see the 'Password must meet complexity requirements' item.  When viewing the properties of it, usually the Enabled/Disabled radio buttons will be grayed out and you cannot change the values.  If they are able to be changed, go ahead and do it, and save out of the dialog boxes.  If it is grayed out and you cannot change it here, this is how you do it:

    Go to a command prompt

    Type 'secedit /export /cfg c:\local.cfg' and hit enter
    Using notepad, edit c:\local.cfg
    Look for the line "PasswordComplexity = 1" and change it to "PasswordComplexity = 0"
    You can also edit "MinimumPasswordLength = 7" to a lesser value if you like.
    Save the file
    At a command prompt type 'secedit /configure /db %windir%\security\local.sdb /cfg c:\local.cfg /areas SECURITYPOLICY

This will apply the new settings and refreshing the gpedit.msc should reflect the new settings. Set your new less complex password!

Source :

1 comment:

  1. BlueHost is definitely the best web-hosting provider for any hosting services you require.