Skip to content

Password policies configuration (Windows policy)

With the Password policies configuration you define requirements for the passwords of Windows user accounts.

Restriction

Password complexity rules (for example length, number of uppercase and lowercase letters) for Windows computers are fixed and cannot be set by a Sophos Mobile policy.

For details, see Windows password complexity rules.

Restriction

Password policies can’t be assigned to Windows computers if the following conditions are both met:

  • There are other local users configured on the device in addition to the user that is enrolled with Sophos Mobile.
  • One or more of these other users are not allowed to change their password.
Setting Description
Maximum number of failed attempts The number of authentication attempts allowed.

When users reach this number, the device restarts, and the user must enter the BitLocker recovery key.

Enter 0 for no restriction.

Time in minutes until the device is locked The time period (in minutes) after which the device is locked if it has not been used. The user can unlock the device.

Enter 0 for no restriction.

Password history The number of previously used passwords Sophos Mobile stores.

When the user sets a new password, it mustn’t match a password that was already used.

Maximum password age in days The number of days after which users must change their password.

Enter 0 for no restriction.