Disable Strong Passwords Enforcement
By default Microsoft Windows Server 2008 enforces users in the Administrator usergroup to use strong passwords. Home users just want to create their own passwords without meeting any policies or leave it blank. This tutorial will explain how to disable these complexity requirements!
1. Click Run in the menu Start, then type gpedit.msc and click OK. In the Local Group Policy Editor expand Computer Configuration -> Windows Settings -> Security Settings -> Account Policies and click Password Policy.
2. In the right pane double click Password must meet complexity requirements and set it to Disabled. Click OK to save your change. You will now not longer be forced to use strong passwords; you can even use a blank one!
3. Optionally you can also choose to never let expire your passwords. To do this also open the Maximum password age policy and set set the value to 0. Click OK to save the policy change!
Thanks to Michael Sully and Mark for informing me about this tweaks!
Tags Server 2008 Workstation
June 9th, 2008 at 4:10
Admin, Maximum password age should be set to 0 so that password never expire.
Admin: Thanks, that’s useful information for the manual so added an extra step to this page! You are doing a very good job!
June 9th, 2008 at 17:05
I noticed that a quicker way to get to that screen was: Administrative Tools -> Local Security Policy -> Account Policies -> Password Policy. Cheers!
Admin: That’s right but now we are already at the right location so we change two settings at once!
July 19th, 2008 at 13:47
Hey Now,
This was a great post. It’s just what I wanted to do. I also love the series of Windows Server 2008 as a workstation.
Thx 4 the info,
Catto
August 28th, 2008 at 5:48
I tried this and those options are greyed out? It won’t let me disable or change password length etc. Help
Admin: Are you sure you haven’t joined a domain and that (parts of) the Group Policy Editor are disabled by the Domain Administrator? That is the only reason I can think of.
October 23rd, 2008 at 5:06
I also have the same problem. I tried to logon as Sys Admin but the GPE is still greyed out. How do I fix this?
Arris: I don’t know what the cause of this problem can be. If you ask your question at the Microsoft Technet Forums – Server 2008 section, I am sure you ‘ll get the solution!
November 30th, 2008 at 11:10
Hi,
This password settings solution rarely works (just google for “password complexity 2008″ and you’ll see what I mean) – The only solution I found was to create a new Group Policy, unlink and unenforce the default policy then disable the “Inherit settings” from your new policy. Then set the password settings as above and set the Link and Enforce settings for the new policy.
Phew!! – After all that open a command prompt and run “GPUpdate /force”
I couldn’t find any instructions on the Net that actually explained this in an understandable way, even at MSDN! – This finally worked for me, however I AM running a domain so all GP’s and GPO’s have to be linked to that domain. DO NOT DELETE THE DEFAULT POLICY – It’s needed by various system services (What a stupid thing to do MS!)
Hope this helps…
NevTheTech.
November 30th, 2008 at 11:20
Oh I forgot,
Why would anyone want to spend all that money on a Server operating system, then cripple it by running loads of CPU intensive services that aren’t needed to run a network? Just buy Vista and you have all the eye munchies without the extra expense of Server 2008. We all know that Vista and Server 2008 are basically the same OS just with specific services and programs either enabled or disabled according to what the machine will be used for. Using 2008 as a workstation is maybe interesting on a techie basis but I would seriously check your grip on reality if you actually consider doing this in the workplace. Don’t let your boss catch you either (or at least anyone who knows anything about computers – so your boss is probably OK actually.)
December 3rd, 2008 at 9:15
Students can currently get Server 2008 free through the DreamSpark program. I don’t really feel like buying a gaming OS to supplement my Linux install, thus I’m here.
January 2nd, 2009 at 17:25
If you are joined to a domain or using this as a workstation slash domain controller as i am then you need to do this through the Group Policy Manager in the Administrative Tools under Computer Configuration>Policies>Windows Settings>Security Settings>Account Policies>Password Policies: Then you will be able to edit the password policy for the entire domain. I am using two server 08 as domain controllers and have three machines on the domain and it enforced the policy for all.
Arris: Thanks for this tip!