User unable to reset password from Exchange even with very strong password

A user experiences the following error and he is certain that he has a very strong password.

The password you entered doesn’t meet the minimum security requirements.

If you are certain that the password you selected is very strong, this error can most likely be related to Minimum password age.

The Minimum password age policy setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow password changes immediately by setting the number of days to 0.

If the minimum password age is more than 0 and you tried to change password before that period, it will show you the above error. This can happen if the user tries to immediately reset it when he gets the credential for the first time in his organization.

Minimum Password age can be changed from Group Policy Management Console (GPMC).

Let us see how it is done.

Login to one of the domain controllers over remote desktop and run gpmc.msc

Group Policy Management Console will open.


Expand your forest > Domains > your domain name and click on Default Domain Policy

A warning will show up reminding that the changes you make are global. You can click OK.

Right click on Default Domain Policy and click on edit.


Group Policy Management Editor will open.

Expand Computer Configuration > Policies > Windows Settings > Security Settings > Account Policies and select Password Policy.

You will see Minimum Password Age.


Right click and click on properties.

Change it to 0 days and click ok.

You have changed Minimum password age for the domain to 0 days.

Now you can change password for the user without any errors.

Add a Comment

Your email address will not be published. Required fields are marked *