Merge pull request #6875 from illfated/password-length

Security/Threat protection: password length values

windows/security/threat-protection/security-policy-settings/minimum-password-length.md

@@ -26,11 +26,11 @@ Describes the best practices, location, values, policy management, and security
 
 ## Reference
 
-The **Minimum password length** policy setting determines the least number of characters that can make up a password for a user account. You can set a value of between 1 and 14 characters, or you can establish that no password is required by setting the number of characters to 0.
+The **Minimum password length** policy setting determines the least number of characters that can make up a password for a user account. You can set a value of between 1 and 20 characters, or you can establish that no password is required by setting the number of characters to 0.
 
 ### Possible values
 
--   User-specified number of characters between 0 and 14
+- User-specified number of characters between 0 and 20
 - Not defined
 
 ### Best practices
@@ -80,7 +80,8 @@ Configure the **** policy setting to a value of 8 or more. If the number of char
 
 In most environments, we recommend an eight-character password because it is long enough to provide adequate security, but not too difficult for users to easily remember. This configuration provides adequate defense against a brute force attack. Using the [Password must meet complexity requirements](password-must-meet-complexity-requirements.md) policy setting in addition to the **Minimum password length** setting helps reduce the possibility of a dictionary attack.
 
->**Note:**  Some jurisdictions have established legal requirements for password length as part of establishing security regulations.
+> [!NOTE]
+> Some jurisdictions have established legal requirements for password length as part of establishing security regulations.
 
 ### Potential impact