Customize the Password Change Notification for Windows 7

Friday, October 28, 2011

Since Windows NT 3.x, when your user password is 14 days from expiration, you receive a Password Change Notification when logging on requesting you to change your password. This has been the default behavior up to now. Windows 7’s password change notification setting is set to 5 days by default. If you wish to align your Windows 7 computers with others on the network, you can either modify the registry for the Windows 7 systems, or apply a local, or preferably, a group policy object if these Windows 7 systems are members of an Active Directory domain.

Option 1: Modify the Registry
  1. Run Registry Editor (Regedt32.exe).
  2. Navigate to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
  3. Add or modify the following entry: PasswordExpiryWarning: REG_DWORD
  4. Click OK and quit Registry Editor.

password change notification

Option 2: Apply a Local or Group Policy Object

  1. Modify the existing local computer policy, modify an existing group policy object, or create a new group policy object and apply it to the target OU containing the target computers.
  2. Navigate to the following path in the policy object
    • Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options
    • Find the entry: Interactive logon: Prompt user to change password before expiration
  3. Configure the attribute with the value that you require.
password change notification

Did you find the page informational and useful? Share it using one of your favorite social sites.

Recommended Books & Training Resources