Where is the Minimum Password Length Policy information stored on Windows 10?
Solution 1:
The minimum password length was since always stored in the registry for both system-wide and per-user. I believe this is still the case for Windows 10.
User Key:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network
System Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network
Value Name:
MinPwdLen
Data Type: REG_BINARY (Binary Value)
Solution 2:
I'm aware that it can be set via secpol for windows 10, but once set is it stored as a registry value?
It is indeed stored in the registry. You can also change it with `net accounts /minpwlen:7 in an elevated command prompt.
You can view the current value by using net accounts
in an elevated command prompt. The default value for an AD domain is going to be 7 characters.
This help page, https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/minimum-password-length, gives the location as 'Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy' but I can't see that as a file or registry location
The help page indicates the location of the group policy within the group policy editor.
Source: Customize the Password Policy in Windows 10/8/7
As for the location within the registry. It would be located within the following location.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SeCEdit\Reg Values\MACHINE/System/CurrentControlSet/Services/Netlogon/Parameters/
There is a strong possability the value is stored in multiple locations. While it exists in the above key, you would want to modify HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network\MinPwdLen
, if you are looking to change the value of the Minimum Password Length policy itself.
Source:
Registry path for password complexity and storing passwords using reversible encryption
Minimum password length