The specified sa password does not meet strong password requirements

Problem

When entering the sa password while installing SQL Server you get the following error: “The specified sa password does not meet strong password requirements.

Solution

If the computer is on a domain

  1. Go to Administrative Tools / Domain Security Policy :: Security Settings | Account Policies | Password Policy
  2. Set “Minimum password length” = Not Defined
  3. Set “Password must meet complexity requirements” = Not Defined

Not on a domain

  1. Go to Administrative Tools / Local Security Policy :: Security Settings | Account Policies | Password Policy
  2. Set “Minimum password length” = 0
  3. Set “Password must meet complexity requirements” = Disable

12 thoughts on “The specified sa password does not meet strong password requirements”

  1. Computer is on a domain, “Minimum password length” “Password must meet complexity requirements” are actually enable and managed by SysAdmin… now what to do?

    Reply
    • It sounds like you don’t have the proper admin rights to deal with this yourself, so you’ll need to ask the sysadmin for help.

      If this is just a dev box, they might be ok with excluding this box from using the password policy, or they might want to unjoin it from the domain to simplify things. It really depends on your situation though.

      Reply
  2. We have a similar problem. An Engineer from our project has been given a laptop which is in Global domain. While trying to install our project application in his laptop, we are getting “the specified sa password does not meet strong password requirements…” error. This happens during the phase of SQL Express installation of our application which we distribute as part of installation bundle. Could it be because of default authentication mode selected by Sql Express installation is Windows authentication mode and the default password mentioned there is not meeting the requirements set by the local security policy? Please clarify.

    Reply
    • It sounds like you’re deploying to a dev / QA laptop?

      The laptop is domain-joined, so did you try the “if domain-joined” steps in the article?

      If the laptop has to be on that domain, and you cannot change domain policy, then ask your system admins to override this password setting specifically for this laptop.

      If the laptop doesn’t have to be on the domain, then the simplest solution is to remove it from the domain. Then the password policy from the domain policy won’t apply.

      Reply
  3. Max, thanks for your quick reply.

    Yes, it’s a Dev/QA (Not actually a software developer, but he uses our application to develop). I checked both the options above but unfortunately we could not change the settings as the options are disabled. When we approached our local IT desk, they denied to enable these settings for us as it is against our organization policies.

    We clueless now!

    Reply
    • They should really put the dev/qa box on a different domain, and apply a different policy to it. But it sounds like your sys admin won’t do that for you. That makes it a bit hard to solve. I honestly have not run into this situation where the sys admin is forcing you to use a dev box with production policies on it.

      Are you running the SQL Express installer from the command line, or is the user using the SQL Express installer to step through the installation?

      1. If you’re using the command line, try passing in the /sapwd flag with an appropriate password that meets your password requirements.
      2. If you’re using the UI, try changing the auth mode to mixed, so it’ll allow you to specify the sa password. Then put in a password that meets the policy requirements.

      Reply

Leave a Reply to Mak Cancel reply