Hey everyone, I'm running a local Active Directory at Functional Level 2016, with my main DC on Server 2016 and a secondary DC on Server 2019. Recently, my users have started encountering errors when trying to change their passwords, getting that frustrating "password does not meet complexity standards" message. I haven't changed the default complexity requirements in the GPO for years, and everything has been working well until now. Even when I generate new random passwords that should meet all complexity requirements, I still face the same error. Has anyone dealt with this issue before and can offer some advice?
3 Answers
One thing to check is your minimum password age setting. If it's more than 0, users might be trying to change their passwords before they are allowed to. That could totally trigger the complexity error you're seeing. Just a thought!
I was in a similar situation where the minimum password age was set to 1 day. It caught me off guard because I had new users who I told to change their passwords right after their first login. That explains why it was just the new users running into this issue rather than the veterans.
Good to know! I might need to check my settings as well since we onboard new users regularly.
Make sure you double-check the minimum password age in your policy. If it's set to more than 0, that could definitely be why they can't change their password right after their first login.
I’ve noticed that too! It's often the new hires who forget they can’t reset their passwords immediately. Makes things tricky.