Microsoft already requires a minimum password length for all Microsoft accounts for security reasons. If you want to reinforce all local accounts, you can set a minimum password length in Windows 10 for each user. Here’s how to set a minimum password length in Windows 10.
When you create a new local user on Windows 10, the account doesn’t require a password by default. However, in case you want to set a minimum password length for everyone, there are a couple of ways to do this for the safety of your computer.
First of all, you will need to run an elevated instance of Command Prompt. In case you prefer using PowerShell then, you can use that as well. The following command works virtually the same on either program. However, be sure to tap on “Run As Administrator” if you choose to use PowerShell.
Tap on the Start button, type “cmd” into the search box, right-click on the “Command Prompt” result, and then select “Run As Administrator.”
Now at the prompt, type the following command (replacing “PassLength” with the minimum password length you want to apply):
net accounts /minpwlen:PassLength
Then press the Enter key, and you will see a prompt telling you the command completed successfully.
Kindly note: While you can technically select anything from 1-20 characters in length, try to choose something that provides adequate security and doesn’t make it much difficult for users to remember their passwords.
Now, in case you want to make sure it’s been applied then, type in the following command and then press the Enter key to check:
In order to remove minimum password length, Kindly type in the following command to remove mandatory passwords for local accounts:
net accounts /minpwlen:0
Now to make your accounts even more secure, you can enforce a maximum password age, which gets users to generate a new password after a length of time.
For anyone who doesn’t want to mess around with Command Prompt or if you feel more comfortable with a graphical interface, Windows 10 Pro and Enterprise users can take advantage of the Local Group Policy Editor.
It is quite a pretty powerful tool, so if you’ve never used it before, it’s worth taking some time to learn what it can do.
Moreover, if you’re on a company network, do everyone a favour and check with your admin first. In case your work computer is part of a domain. Then, it’s also likely that it’s part of a domain group policy that will supersede the local group policy, anyway.
Then you have to also make a System Restore point before continuing. Windows generally do this automatically when you install the Anniversary Update. However, still, it couldn’t hurt to make one manually that way, in case something goes wrong then, you can always rollback.
Step 1: First of all, launch the group policy editor by pressing Windows+R, typing “gpedit.msc” into the box, and then press the Enter key.
Step 2: Now navigate to Computer configuration > Windows settings > Security settings > Account policies > Password policy.
Step 3: Once you reach here, locate the setting “Minimum Password Length”. Then double-click on it.
Step 4: After that from the properties menu that opens, type in the minimum password length you want to apply and tap on “OK” when you finish.
As a bonus, in case you want to enable password complexity requirements then, you can make users create a much more secure password that must meet specific criteria. Windows generally enforce these complexity requirements when users next change or create passwords.
In case enabled then, passwords must meet the following criteria:
1. It should not contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
2. It should be at least six characters in length.
3. It should contain characters from three of the following four categories:
Now, Double-click “Password must meet complexity requirements” to open up the properties menu.
When the properties menu opens, just tap on the radio button next to “Enabled”. Then select the “OK” button when you are finished.
That’s all there is to do. Now you can close the Group Policy Editor. Changes made to this policy become active immediately and do not require a restart of your device.