Overview #

If PASSWD_NOTREQD user-Account-Control Attribute Value bit is set, the user is not subject to a possibly existing policy regarding the length of password.

This implies the user could have shorter password than it is required or it may even have no password at all, even if empty passwords are not allowed. This property is not visible in the normal GUI tools (Active Directory Users and Computers)!

user-Account-Control Attribute Value attribute for an account Gill Bates is set to a decimal value of 544 (hex 220). The value is the sum of the individual property flags for the user-Account-Control Attribute Value of the User account.

A value of 544 (x220) indicates that the account has the following property flags set / enabled:

  • NORMAL_ACCOUNT: decimal 512 (x200)
  • PASSWD_NOTREQD: decimal 32 (x20)
Note that the PASSWD_NOTREQD property is represented by hex value x20, so any user-Account-Control Attribute Value of x20 has the PASSWD_NOTREQD flag set. Some examples of user-Account-Control Attribute Value, where the PASSWD_NOTREQD flag is set are:
  • x020 - 032 - PASSWD_NOTREQD
  • x220 - 514 - Enabled, PASSWD_NOTREQD
  • x222 - 546 - Enabled, PASSWD_NOTREQD
  • x40222 - 262690 - Disabled, Smartcard Required, PASSWD_NOTREQD

More Information #

There might be more information for this subject on one of the following: