04 December, 2010

Password Policy Complexity Banner - Group Policy & FGPP

Fine-Grained Password Policy (FGPP): introduced in Windows Server 2008 to cater to environments where multiple password policies are required.

To read more about Fine-Grained Password Policy, please refer to http://www.adshotgyan.com/2010/12/fined-grained-password-policy-concept.html

In this topic, we will discuss the difference between the Password Policy Complexity prompt that you get when the password policy comes from a Group Policy and the one you get when it comes from a Fine-Grained Password Policy.

This is the default Password Policy configuration in the Default Domain Policy. The option "Password must meet complexity requirements" is Enabled.


Let's create a user and select the option "User must change password at next logon" (this makes our test easier, as we don't have to log on and then change the password to see the banner).



On a Windows XP machine, try to change the password and give a weak new password.


This is the Password Complexity Banner that you get when the password policy is enabled using Group Policy (note the details in the banner).


Now let's set the Password Policy settings to "Not Defined" in the Default Domain Policy and in the Local Group Policy of the Domain Controller.



Now let's try to change the password again and give a weak new password.


This time we did not get any error or warning.


We will now create a Fine-Grained Password Policy.

















Apply the Password Policy to the User







Make sure that the Password Policy has been applied to that User






Let's now try to change the password.



This is the Password Complexity Banner that you get when the password policy is enabled using FGPP (note the details in the banner). This banner lists fewer details than the banner we got when the password policy was applied using Group Policy.



Now the question arises: what if I want the Group Policy Password Complexity Banner while using FGPP?

Yes, this is possible. You just need to enable the option "Password must meet complexity requirements" in the Default Domain Policy.


Here we go... We got the Group Policy Password Complexity Banner with FGPP!
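
The create, apply and verify steps above can also be scripted. The following is an added example, not part of the original post: it assumes the ActiveDirectory PowerShell module (Windows Server 2008 R2 or later, or RSAT), and the policy name, user name and all policy values are constructed placeholders. The last step reads the domain-wide complexity setting, which according to the tests above decides which banner a user covered by the FGPP sees.

```powershell
# Added example: requires the ActiveDirectory module and rights to create PSOs.
Import-Module ActiveDirectory

# Hypothetical names and constructed values, not taken from the original post.
$PsoName = 'TestPSO'
$UserSam = 'testuser'

# 1. Create the Fine-Grained Password Policy (a Password Settings Object).
New-ADFineGrainedPasswordPolicy -Name $PsoName -Precedence 10 `
    -ComplexityEnabled $true -ReversibleEncryptionEnabled $false `
    -MinPasswordLength 8 -PasswordHistoryCount 24 `
    -MinPasswordAge '1.00:00:00' -MaxPasswordAge '42.00:00:00' `
    -LockoutThreshold 5 -LockoutDuration '0.00:30:00' `
    -LockoutObservationWindow '0.00:30:00'

# 2. Apply the policy to the user.
Add-ADFineGrainedPasswordPolicySubject -Identity $PsoName -Subjects $UserSam

# 3. Make sure the policy is the one that actually wins for that user.
#    The cmdlet returns nothing when no FGPP applies to the account.
$resultant = Get-ADUserResultantPasswordPolicy -Identity $UserSam
if ($null -eq $resultant) {
    Write-Output "No FGPP applies to $UserSam; the domain password policy is in effect."
} else {
    Write-Output ("Resultant FGPP for {0}: {1} (ComplexityEnabled={2}, MinPasswordLength={3})" -f `
        $UserSam, $resultant.Name, $resultant.ComplexityEnabled, $resultant.MinPasswordLength)
}

# 4. Read the domain-wide complexity setting that the Default Domain Policy controls.
$domain = Get-ADDefaultDomainPasswordPolicy
if ($domain.ComplexityEnabled) {
    Write-Output 'Domain complexity is enabled: expect the detailed Group Policy banner.'
} else {
    Write-Output 'Domain complexity is not enabled: expect the shorter FGPP banner.'
}
```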