Machine password change rate

Setting the policy specifies in days how often a client changes their machine account password. The password is randomly generated by the client and not visible to the user. Disabling this policy or setting a high number of days can negatively impact security, because it gives potential attackers more time to find and use the machine account password.

Leaving the policy unset means the machine account password is changed every 30 days.

Setting the policy to 0 turns off machine account password change.

Note: Passwords might get older than the specified number of days if the client has been offline for a longer period of time.

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

Machine password change rate:

Registry PathSoftware\Policies\Google\ChromeOS
Value NameDeviceMachinePasswordChangeRate
Default Value
Min Value0
Max Value9999


Administrative Templates (Computers)

Administrative Templates (Users)