Setting a Minimum Password Length

Preface:

Users can change their own passwords at anytime by pressing Ctrl-ALT-Del, clicking the Change Password button, typing their old one, and their new desired one. This isn't bad and it's a good habit for users to get into (don't want other people figuring out the users' passwords, do you? :-/). While setting passwords can be a good thing you don't want your users setting their passwords to, let's say, "h" or something way to easy to guess. Unfortunately, the way Windows Server 2003 ships, users can do this. In this tutorial we will set a minimum length, not difficult, but something that needs to be done, but gets over-looked a bit too much.

Method:

Click Start then Run..

In the Run box type "gpedit.msc"

Under Computer Configuration Click the + next to Windows Settings, then Security Settings, then Account Policy, then Password Policy

Double click Minimum password length and set a good sized password. I will use 7 characters

That's it. Users trying to change their passwords to one under the minimum length will now be presented with this very odd looking error

<-- Go back to the main tutorial page