Windows OS Hub / Windows 10 / Prevent Users from Changing Their Passwords in Windows

July 24, 2024

Prevent Users from Changing Their Passwords in Windows

An administrator can prevent users from changing their account password on Windows. It is possible to either hide the password change dialogue box or completely disable the ability to manually change a password for user accounts.

The default security settings in Windows require the user to change their password regularly. If the password has expired, a message will be displayed the next time the user logs on to Windows Your password has expired and must be changed. The user can change the password here.

Windows warning: Your password has expired and must be changed

In the account settings, you can disable password expiration and prevent certain users from changing their passwords.

  1. Open the local users and groups management snap-in (lusrmgr.msc)
  2. Expand Users
  3. Open the specific user’s properties and enable the options User cannot change password and Password never expires
    Enable the option: user cannot change password
  4. Save changes.

Or, use PowerShell to enable these account options for a local user:
Get-LocalUser user123| Set-LocalUser –PasswordNeverExpires $True -UserMayChangePassword $False

If you want to disable password expiration for all local Windows users, change the default password policy settings.

  1. Open the local GPO editor console (gpedit.msc)
  2. Go to Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy
  3. Change the Maximum password age value from 42 days (default) to 0. Password policy: disable password expiration on Windows

Or list the local Windows password policy settings by using the command:

net accounts

Disable password expiration for local users:

net accounts /maxpwage:unlimited

set unlimited maximum users' password age on windows

If autologon is enabled on Windows or the machine is used in Kiosk mode, we recommend you hide the Change a Password button on the Windows Security screen, which can be accessed by pressing Ctrl+Alt+Del.

Change a Password from Windows security screen

The password change button can be hidden via the Group Policy. Open the GPO editor and enable the policy option Remove Change Password under User Configuration -> Administrative Templates -> System -> Ctrl+Alt+Del Options.

GPO: Remove Change Password

Or disable the password change dialogue box via the registry:

reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableChangePassword /t REG_DWORD /d 1 /f

As a result, Windows users will no longer be able to change their passwords.

0 comment
1
Facebook Twitter Google + Pinterest
Questions and AnswersWindows 10Windows 11

Related Reading

Managing Windows Firewall Rules with PowerShell

March 11, 2024

Create a Custom Windows Image with Pre-installed Apps

February 28, 2024

Upgrading to Windows 11 on Unsupported Hardware

October 31, 2025

Configuring RemoteApps Hosted on Windows 10/11 (without Windows...

January 25, 2025

Fixing ‘The Network Path Was Not Found’ 0x80070035...

August 31, 2023

Installing Language Pack in Windows 10/11 with PowerShell

September 20, 2023

How to Assign (Passthrough) a Physical GPU to...

June 11, 2024

Fix: Your IT Administrator Has Limited Access to...

March 22, 2024

Leave a Comment