Windows Server 2022 must have the built-in Windows password complexity policy enabled.

An XCCDF Rule

Details
Profiles

Description

The use of complex passwords increases their strength against attack. The built-in Windows password complexity policy requires passwords to contain at least three of the four types of characters (numbers, uppercase and lowercase letters, and special characters) and prevents the inclusion of user names or parts of user names. Satisfies: SRG-OS-000069-GPOS-00037, SRG-OS-000070-GPOS-00038, SRG-OS-000071-GPOS-00039, SRG-OS-000266-GPOS-00101

ID: SV-254292r1051094_rule
Version: WN22-AC-000080
Severity: Medium
References: CCI-000192 CCI-000193 CCI-000194 CCI-001619 CCI-004066
Updated: 6 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy >> Password must meet complexity requirements to "Enabled".

Windows Server 2022 must have the built-in Windows password complexity policy enabled.

Description

Remediation Templates

A Manual Procedure