Learn more about password requirements for mail users
Applies to: Exchange Online, Exchange Server 2013
The Active Directory domain in which you’re creating new mail users determines the password requirements for the new mail users. These requirements include password length, password complexity, and password history. For information about the default password policy settings, see Domain Policy Settings.
When the default password policy settings are applied to your domain, you must meet the following password requirements when creating a new mail user:
Passwords can’t contain the user's account name or parts of the user's full name that exceed two consecutive characters.
Passwords must be at least six characters long.
Passwords must contain characters from three of the following four categories:
Uppercase letters (A through Z).
Lowercase letters (a through z).
Numbers (0 through 9).
The following non-alphabetic characters:
` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /