How to Prompt User to Change Windows Password Before Expiration

November 27th, 2017 by Admin Leave a reply »

Before your Windows password expires, you may receive password expiration notification every time you log on to local account or domain user.

In this tutorial we’ll show you how to set the number of days prior to password expiration, during which to begin displaying password expiry notice to prompt user to change Windows password.

Tips: If you want to disable password expiry notice, you can set Windows password to never expire by following these tutorials:

Part 1: Prompt Local Users to Change Password Before Expiration

Here’s how you can prompt local users to change password before expiration in Windows 10, 8, 7, Vista and XP:

  1. Open the Local Group Policy Editor and navigate to: Computer Configuration\Windows Settings\Local Policies\Security Options.

    Next, double-click the “Interactive Logon: Prompt user to change password before expiration” policy on the right pane.

  2. Enter the number of days prior to password expiration that you want to notify users, and click OK.

  3. Reboot your computer for the policy to take effect.

If you’re unable to access Local Group Policy Editor, use the following registry tweak to change password expiry notice period:

  1. Open Registry Editor and navigate to:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.

    Double-click the PasswordExpiryWarning value on the right pane.

  2. Click the Decimal radio button and enter the number of days before password expires that you want to notify users, and click OK.

  3. Close Registry Editor and reboot your computer.

Part 2: Prompt Domain Users to Change Password Before Expiration

If you’re running Windows Server 2016 / 2014 / 2012 / 2008 domain controller, use this method to prompt domain users to change password before expiration:

  1. Click the Start button, select Administrative Tools and then click Group Policy Management.
  2. In the console tree, expand the Forest -> Domains -> your domain. Right-click the domain policy you want to work with, and then select Edit.
  3. When the Group Policy Management Editor window appears, navigate to Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options.

    Then double-click the “Interactive Logon: Prompt user to change password before expiration” setting in the right pane.

  4. In the Security Policy Setting tab, check the “Define this policy setting” option, and enter the number of days in advance users are warned that their passwords are about to expire.

  5. Click Apply and then OK. Reboot your server.