Last Updated on December 5, 2021 by Pupli
The Windows password policy rules can place restrictions on password history, age, length, and complexity. If you enable the PPE rules and the Windows rules, then users will have to comply with both sets of rules.
PPE has its own History, Minimum Age, Maximum Age, Length, and Complexity rules. You can use the PPE and Windows rules together, but it is easier to disable the Windows rules and use the PPE rules instead. To disable the Windows password policy rules:
1. Use the Group Policy Management Console, or Active Directory Users and Computers console to display the GPOs linked at the domain level.
2. Right-click the Default Domain Policy GPO (or whichever GPO you use to set your domain password policy), and then click Edit.
3. Expand the Computer Configuration, Policies (if it exists), Windows Settings, Security Settings, Account Policies, and Password Policy items.
4. Double-click Enforce password history in the right pane of the GPO Editor. Type 0 in the text box, and then click OK.
5. Repeat the step above for the Maximum password age, Minimum password age, and Minimum password length policies.
6. Double-click Password must meet complexity requirements in the right pane. Select the Disabled option, and then click OK.
7. Close the Group Policy Management Editor.
You do not have to disable all the Windows password policy rules to use PPE. You can use a combination of PPE and Windows rules together if you like. Just remember that a password is only accepted if it complies with the rules enforced by both Windows and PPE.