Windows OS Hub
  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux

 Windows OS Hub / Windows 10 / Prevent Users from Changing Their Passwords in Windows

July 24, 2024

Prevent Users from Changing Their Passwords in Windows

An administrator can prevent users from changing their account password on Windows. It is possible to either hide the password change dialogue box or completely disable the ability to manually change a password for user accounts.

The default security settings in Windows require the user to change their password regularly. If the password has expired, a message will be displayed the next time the user logs on to Windows Your password has expired and must be changed. The user can change the password here.

Windows warning: Your password has expired and must be changed

In the account settings, you can disable password expiration and prevent certain users from changing their passwords.

  1. Open the local users and groups management snap-in (lusrmgr.msc)
  2. Expand Users
  3. Open the specific user’s properties and enable the options User cannot change password and Password never expires
    Enable the option: user cannot change password
  4. Save changes.

Or, use PowerShell to enable these account options for a local user:
Get-LocalUser user123| Set-LocalUser –PasswordNeverExpires $True -UserMayChangePassword $False

If you want to disable password expiration for all local Windows users, change the default password policy settings.

  1. Open the local GPO editor console (gpedit.msc)
  2. Go to Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy
  3. Change the Maximum password age value from 42 days (default) to 0. Password policy: disable password expiration on Windows

Or list the local Windows password policy settings by using the command:

net accounts

Disable password expiration for local users:

net accounts /maxpwage:unlimited

set unlimited maximum users' password age on windows

If autologon is enabled on Windows or the machine is used in Kiosk mode, we recommend you hide the Change a Password button on the Windows Security screen, which can be accessed by pressing Ctrl+Alt+Del.

Change a Password from Windows security screen

The password change button can be hidden via the Group Policy. Open the GPO editor and enable the policy option Remove Change Password under User Configuration -> Administrative Templates -> System -> Ctrl+Alt+Del Options.

GPO: Remove Change Password

Or disable the password change dialogue box via the registry:

reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableChangePassword /t REG_DWORD /d 1 /f

As a result, Windows users will no longer be able to change their passwords.

0 comment
1
Facebook Twitter Google + Pinterest
Questions and AnswersWindows 10Windows 11
previous post
Can’t Access Shared Folders on NAS in Windows 11 24H2
next post
How to Migrate (Import) VMs from VMware ESXi to Proxmox

Related Reading

Managing Windows Firewall Rules with PowerShell

March 11, 2024

Create a Custom Windows Image with Pre-installed Apps

February 28, 2024

Fixing ‘The Network Path Was Not Found’ 0x80070035...

August 31, 2023

Upgrading to Windows 11 on Unsupported Hardware

March 6, 2024

Installing Language Pack in Windows 10/11 with PowerShell

September 20, 2023

How to Assign (Passthrough) a Physical GPU to...

June 11, 2024

Configuring RemoteApps Hosted on Windows 10/11 (without Windows...

January 25, 2025

Enable Hyper-V on Windows 10/11 Pro and Home...

August 12, 2024

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Configuring Windows Protected Print Mode (WPP)

    May 19, 2025
  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025
  • How to Block Common (Weak) Passwords in Active Directory

    March 25, 2025
  • Fix: The referenced assembly could not be found error (0x80073701) on Windows

    March 17, 2025
  • Exclude a Specific User or Computer from Group Policy

    March 12, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • 0x80244010 Exceeded Max Server Round Trips: Windows Update Error
  • How to Force Remove a Printer That Won’t Uninstall on Windows
  • How to Completely Remove/Uninstall a Driver in Windows
  • Fix: Windows Update Tab (Button) is Missing from Settings
  • Fix: Your IT Administrator Has Limited Access to Virus & Threat Protection
  • Permanently Disable Driver Signature Enforcement on Windows 11
  • Fix: Windows Needs Your Current Credentials Pop-up Message
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top