How To Customize Password Policies In Windows (10/8/7) Accounts

How To Customize Password Policies In Windows (10/8/7) Accounts:- If you try to set a new password to your Google account with an old one, you will instantly be prompted to choose a different password saying that the password you are trying to set has already been used before. This happens because Google enforces password history to your Google accounts. Likewise there are a handful of other password policies which are quite useful in helping users choose and keep strong passwords for their accounts. Good news is that you can apply these password policies to your Windows accounts as well.


  • Press Win+R keys together to open the Run dialog box. Once it opens up, type in secpol.msc and hit the enter key.



  • A separate window for Local Security Policy opens up. In the left pane of the window, expand Account Policies and click on Password Policy to view its security settings in the right window pane.



  • Enforce Password History:-

    Double click on this entry to enforce password history to an account. You can set the number of passwords to be remembered. That is, before repeating an old password, the given number of unique passwords should be associated with the specific account.



  • Maximum password age:-

    Here you get to set an expiry date for a password. That is, after this particular number of days expire, the system asks the user to update the password.



  • Minimum password age:-

    This policy lets you set a minimum age for your passwords. That is, if a password is set, it can’t be changed until the given minimum age expires. If you set it to zero, then you can change the password right after you set it.



  • Minimum password length:-

    Here you get to set the minimum number of characters or numbers that your password should contain. If the password doesn’t contain the specified number of minimum characters, then an alert will be thrown at you.



  • Password must meet complexity requirements:-

    If this policy is enabled, then your password should meet the following complexity requirements as put by Windows:

    Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
    Be at least six characters in length
    Contain characters from three of the following four categories:
    English uppercase characters (A through Z)
    English lowercase characters (a through z)
    Base 10 digits (0 through 9)
    Non-alphabetic characters (for example, !, $, #, %)
    Complexity requirements are enforced when passwords are changed or created.



  • Store passwords using reversible encryption:-

    Enable this policy under the following 2 circumstances:
    1. When using Challenge-Handshake Authentication Protocol (CHAP) authentication through remote access or Internet Authentication Services (IAS).
    2. When using Digest Authentication in Internet Information Services (IIS).


Do not wait any longer to get your password policies customized as per your requirements. Please leave out your valuable comments/ suggestions in the comments section below.