password does not meet complexity requirements in Windows 10 but it does RRS feed

  • Pertanyaan

  • Hi guys,

    We are having an issue when trying to change password using ctrl-alt-delete. It's saying the password doesn't meet complexity requirements but it does. The user account is on the domain and we are trying to let the user set their own user login password on the domain. What is the reason this is happening?


    • Diedit oleh hoandb Rabu, 21 Agustus 2019 16.55
    Rabu, 21 Agustus 2019 10.44

Semua Balasan

  • There is policy in group policy under Security Settings->Account Policies   

    And under Password must meet complexity if enable, then it force user to use complex password.

    Rabu, 21 Agustus 2019 18.05
  • Hello hoandb,

    The error text for ERROR_PASSWORD_RESTRICTION is "Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain."

    In other words, there are other factors that can affect the acceptability of a new password. Can you give an example of a password that you think should meet the requirements but fails, along with the minimum password length and an assurance that the password has not been used before for the target account? Do more complex passwords work?


    Rabu, 21 Agustus 2019 18.33
  • Hi,


    Please check if the password have meet complexity requirements.


    You could refer to the following official article as your reference:


    Meanwhile, check the password aging settings on the group policy. It will only allow them to change their password once during the specified aging period.


    Set the Minimum Password Age is to 0 day.


    If no, it may related with corrupted user profile, try to reset their accounts to see if the issue remains.


    Hope above information can help you.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Kamis, 22 Agustus 2019 03.31
  • Hi,

    We were not even using that GPO PasswordPolicy but when we were applying that policy to OU's it was not even working, we tweaked the policy, disabled password complexity and set minimum age to 0 days just to see if the policy was working in the first place but nothing worked. I also right clicked the policy and checked enforce.

    Is there like a Windows Server default within the domain that is stopping this policy?

    Kamis, 22 Agustus 2019 07.41
  • Hi,


    I haven't heard that.


    Go into your Domain>domainname>Default Domain Policy >Settings.


    What do you have for the following:


    Account Policies/Password Policy

    Account Policies/Account Lockout Policy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact

    Jumat, 23 Agustus 2019 06.53
  • Hi,

    There is nothing I can see in the default domain policy affecting the PasswordPolicy.

    • Diedit oleh hoandb Jumat, 23 Agustus 2019 10.08
    Jumat, 23 Agustus 2019 07.55
  • Hello,

    Open an elevated CMD prompt.

    run Net accounts

    Post the results

    You may want to run net accounts /domain

    Compare the output to see if there is any differences

    This will show us some of settings that may be affecting the error message.

    Thanks, Darrell Gorter [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Jumat, 23 Agustus 2019 16.52