Windows OS Hub / Windows 10 / Prevent Users from Changing Their Passwords in Windows

July 24, 2024 Questions and AnswersWindows 10Windows 11

Prevent Users from Changing Their Passwords in Windows

An administrator can prevent users from changing their account password on Windows. It is possible to either hide the password change dialogue box or completely disable the ability to manually change a password for user accounts.

The default security settings in Windows require the user to change their password regularly. If the password has expired, a message will be displayed the next time the user logs on to Windows Your password has expired and must be changed. The user can change the password here.

Windows warning: Your password has expired and must be changed

In the account settings, you can disable password expiration and prevent certain users from changing their passwords.

  1. Open the local users and groups management snap-in (lusrmgr.msc)
  2. Expand Users
  3. Open the specific user’s properties and enable the options User cannot change password and Password never expires
    Enable the option: user cannot change password
  4. Save changes.

Or, use PowerShell to enable these account options for a local user:
Get-LocalUser user123| Set-LocalUser –PasswordNeverExpires $True -UserMayChangePassword $False

If you want to disable password expiration for all local Windows users, change the default password policy settings.

  1. Open the local GPO editor console (gpedit.msc)
  2. Go to Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy
  3. Change the Maximum password age value from 42 days (default) to 0. Password policy: disable password expiration on Windows

Or list the local Windows password policy settings by using the command:

net accounts

Disable password expiration for local users:

net accounts /maxpwage:unlimited

set unlimited maximum users' password age on windows

If autologon is enabled on Windows or the machine is used in Kiosk mode, we recommend you hide the Change a Password button on the Windows Security screen, which can be accessed by pressing Ctrl+Alt+Del.

Change a Password from Windows security screen

The password change button can be hidden via the Group Policy. Open the GPO editor and enable the policy option Remove Change Password under User Configuration -> Administrative Templates -> System -> Ctrl+Alt+Del Options.

GPO: Remove Change Password

Or disable the password change dialogue box via the registry:

reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableChangePassword /t REG_DWORD /d 1 /f

As a result, Windows users will no longer be able to change their passwords.

0 comment
1
Facebook Twitter Google + Pinterest

Related Reading

View Windows Update History with PowerShell (CMD)

April 30, 2025

Cannot Install Network Adapter Drivers on Windows Server

April 29, 2025

Change BIOS from Legacy to UEFI without Reinstalling...

April 21, 2025

Remove ‘Your License isn’t Genuine’ Banner in MS...

April 21, 2025

Uninstalling Windows Updates via CMD/PowerShell

April 18, 2025

Leave a Comment