Minimum password length

Information

Minimum password length

This security setting determines the least number of characters that a password for a user account may contain. You can set a value of between 1 and 14 characters, or you can establish that no password is required by setting the number of characters to 0.

Default:

7 on domain controllers.
0 on stand-alone servers.

Note: By default, member computers follow the configuration of their domain controllers.

Solution

Policy Path: Password Policy
Policy Setting Name: Minimum password length

See Also

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-for-windows-10-v1909-and-windows-server/ba-p/1023093

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(a), CSCv6|5.7, CSCv6|16.2, CSCv6|16.5

Plugin: Windows

Control ID: 031c88ee8e18af97f7eeffe3d0df0ce82aca94f12d04a4323b79deec36795d54