deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-19 04:13:41 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #6311 from VLG17/patch-66

Browse Source 
add note about best practices
This commit is contained in:
Denise Vangel-MSFT
2020-03-25 09:01:46 -07:00
committed by GitHub
parent eb883b7386 6b56302223
commit b8bf5b0fa9
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md
View File

@ -14,7 +14,6 @@ manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
ms.date: 09/08/2017
---
# Password must meet complexity requirements
@ -59,6 +58,9 @@ Additional settings that can be included in a custom Passfilt.dll are the use of
### Best practices
> [!TIP]
> For the latest best practices, see [Password Guidance](https://www.microsoft.com/research/publication/password-guidance).
Set **Passwords must meet complexity requirements** to Enabled. This policy setting, combined with a minimum password length of 8, ensures that there are at least 218,340,105,584,896 different possibilities for a single password. This makes a brute force attack difficult, but still not impossible.
The use of ALT key character combinations can greatly enhance the complexity of a password. However, requiring all users in an organization to adhere to such stringent password requirements can result in unhappy users and an extremely busy Help Desk. Consider implementing a requirement in your organization to use ALT characters in the range from 0128 through 0159 as part of all administrator passwords. (ALT characters outside of this range can represent standard alphanumeric characters that do not add additional complexity to the password.)
@ -104,6 +106,6 @@ If your organization has more stringent security requirements, you can create a
The use of ALT key character combinations can greatly enhance the complexity of a password. However, such stringent password requirements can result in additional Help Desk requests. Alternatively, your organization could consider a requirement for all administrator passwords to use ALT characters in the 01280159 range. (ALT characters outside of this range can represent standard alphanumeric characters that would not add additional complexity to the password.)
## Related topics
## Related articles
- [Password Policy](password-policy.md)