disallow simple password checks to see if the password contains the login name as a substring. It can be set to:
0 – turns off the option and simple passwords are allowed.
1 – turns the option on, and disallows simple passwords.
By default, this option is turned off and this check is not applied to passwords.
To set this option, enter:
sp_passwordpolicy 'set', 'disallow simple passwords', 1
When you disallow simple passwords, you cannot use your login name as a substring in your password. You must set it to something complex. For example:
sp_password 'old_complex_password', BHotAcha789, johnd
The login johnd now
has a password of BHotAcha789,
which does not contain the login name as a substring.
However, if you change the login password entering:
sp_password 'old_complex_password', johnd123, johnd
the login johnd is
now a substring of the new password johnd123,
and this command fails.
