Product Name
CIS Hardened Images® (Azure)
Product Version
Date
Problem
The minimum password length requirement for CIS Microsoft Windows Server Hardened Images on Azure is 14, which conflicts with Azure’s minimum password length requirement of 12.
Solution
CIS Hardened Images are configured to meet the best practices outlined within the CIS Benchmarks. All CIS Benchmarks adhere to a CIS recommended 14-character password length. However, to make it more readily available to end users moving forward, we will be updating our usage guidance and overview sections on all of the CIS Microsoft Windows Server Hardened Images on Azure. Additionally, we are working with Azure Support to try and clear up the password length discrepancy. Thank you for the feedback and data points, as this will help guide our documentation moving forward.
Please see the following Microsoft article for help in resetting the password: Reset Remote Desktop Services or its administrator password in a Windows VM.