From 6b56302223467c6e3cab35e72525e406a8b2bbac Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 25 Mar 2020 09:01:19 -0700 Subject: [PATCH] Update password-must-meet-complexity-requirements.md --- .../password-must-meet-complexity-requirements.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md index b32a32dad0..b713a96ecb 100644 --- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md @@ -58,7 +58,7 @@ Additional settings that can be included in a custom Passfilt.dll are the use of ### Best practices -> [!NOTE] +> [!TIP] > For the latest best practices, see [Password Guidance](https://www.microsoft.com/research/publication/password-guidance). Set **Passwords must meet complexity requirements** to Enabled. This policy setting, combined with a minimum password length of 8, ensures that there are at least 218,340,105,584,896 different possibilities for a single password. This makes a brute force attack difficult, but still not impossible. @@ -106,6 +106,6 @@ If your organization has more stringent security requirements, you can create a The use of ALT key character combinations can greatly enhance the complexity of a password. However, such stringent password requirements can result in additional Help Desk requests. Alternatively, your organization could consider a requirement for all administrator passwords to use ALT characters in the 0128–0159 range. (ALT characters outside of this range can represent standard alphanumeric characters that would not add additional complexity to the password.) -## Related topics +## Related articles - [Password Policy](password-policy.md)