Where is the Minimum Password Length Policy information stored on Windows 10?

Solution 1:

The minimum password length was since always stored in the registry for both system-wide and per-user. I believe this is still the case for Windows 10.

  • User Key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network

  • System Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network

  • Value Name: MinPwdLen

  • Data Type: REG_BINARY (Binary Value)

Solution 2:

I'm aware that it can be set via secpol for windows 10, but once set is it stored as a registry value?

It is indeed stored in the registry. You can also change it with `net accounts /minpwlen:7 in an elevated command prompt.

You can view the current value by using net accounts in an elevated command prompt. The default value for an AD domain is going to be 7 characters.

This help page, https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/minimum-password-length, gives the location as 'Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy' but I can't see that as a file or registry location

The help page indicates the location of the group policy within the group policy editor.

enter image description here

Source: Customize the Password Policy in Windows 10/8/7

As for the location within the registry. It would be located within the following location.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/

There is a strong possability the value is stored in multiple locations. While it exists in the above key, you would want to modify HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network\MinPwdLen, if you are looking to change the value of the Minimum Password Length policy itself.

Source:

  • Registry path for password complexity and storing passwords using reversible encryption

  • Minimum password length