Learn more about password requirements for mailboxes

 

Applies to: Exchange Online, Exchange Server 2013

Topic Last Modified: 2013-07-10

importantImportant:
This feature of Exchange Server 2013 isn’t fully compatible with Office 365 operated by 21Vianet in China and some feature limitations may apply. For more information, see Learn about Office 365 operated by 21Vianet.

The Active Directory domain in which you’re creating new mailboxes determines the password requirements for the new mailboxes. These requirements include password length, password complexity, and password history. For information about the default password policy settings, see Domain Policy Settings.

When the default password policy settings are applied to your domain, you must meet the following password requirements when creating a new mailbox:

  • Passwords can’t contain the user's account name or parts of the user's full name that exceed two consecutive characters.

  • Passwords must be at least six characters long.

  • Passwords must contain characters from three of the following four categories:

    • Uppercase letters (A through Z).

    • Lowercase letters (a through z).

    • Numbers (0 through 9).

    • The following non-alphabetic characters: ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /

 
Show: