Error: The password you entered doesn't meet minimum security requirements. RRS feed

  • Question

  • Using Exchange 2013 Standard on premise with Active Directory on another server. I keep getting the same error when I use the change password function: The password you entered doesn't meet minimum security requirements. Am I missing a configuration. The group policy is set to 12 characters, age 30, and max pwd age is 90 days. I turned off the Password must meet complexity requirements. I tried even 24 characters no dictionary words and still get the above error. What do I need to do?

    Wednesday, November 8, 2017 9:43 PM


All replies

  • Hello Check the following things

    1) form based authentication is enabled

    2) SSL  Cert is configured properly ( most of the time self signed certs wont work )


    Medha Hosting 

    Server Hosting and Management

    Wednesday, November 8, 2017 10:06 PM
  • Hi Jackie,

    What's the value of the "Minimum password age" ? If it's not 0, try to set it to "0" and check again.

    Best Regards,

    Niko Cheng
    TechNet Community Support

    Please remember to mark the replies as answers.
    If you have feedback for TechNet Subscriber Support, contact

    Thursday, November 9, 2017 3:02 AM
  • In the security filtering area what should be in there for the password policy. Should you include the user group or others? This will only be a GPO for password settings for one domain.
    Thursday, November 9, 2017 7:53 PM
  • I tried lots of settings. Also I used the net accounts command to see what requirements were and I'm using more requirements that what is asked. But I'm still getting an error. The computer I'm using is on the same network as the exchange server and AD servers. I also used this to check requirements:

    gpresult /h gp.html

    The GPO is at the top of the domain and has authenticated users in the security filter.

    Still no luck. What else can be tried?

    • Edited by jackie.butler Friday, November 10, 2017 5:41 PM more info
    Friday, November 10, 2017 5:39 PM
  • I think you are not allowed to change password from exchange or webmail. you may have to enable it

    Thanks & Regards Ramandeep Singh

    Saturday, November 11, 2017 7:53 AM
  • How is this enabled?
    Saturday, November 11, 2017 3:26 PM
  • Get-OwaVirtualDirectory |fl *pass*

    check the result is it true or false

    Thanks & Regards Ramandeep Singh

    Sunday, November 12, 2017 12:32 AM
  • Here is the result:

    ChangePasswordEnabled : True

    I also ran this command on the server and set the GPO password settings way down to get this to work:  net accounts

    C:\Windows\system32>net accounts
    Force user logoff how long after time expires?:       Never
    Minimum password age (days):                          30
    Maximum password age (days):                          180
    Minimum password length:                              1
    Length of password history maintained:                24
    Lockout threshold:                                    3
    Lockout duration (minutes):                           3
    Lockout observation window (minutes):                 3
    Computer role:                                        SERVER
    The command completed successfully.

    The complexity is disabled.

    I entered this (a1cs6nx.2T) and still got the "The password you entered doesn't meet minimum security requirements."  Doesn't make sense. What is next?

    Sunday, November 12, 2017 5:42 PM
  • The one thing I did to get this to work was I set the password age to 0. Then everyone was able to change their password through OWA. Here is a link for more info:

    • Marked as answer by jackie.butler Tuesday, November 14, 2017 3:54 PM
    Tuesday, November 14, 2017 3:54 PM