I'm trying to set the Identity of the Application Pool to a specific account. When I'm entering the password for a user name it says

The specified password is invalid.Type a new password.

Is there any specific requirement for the password field?

For me, it was that I wasn't adding the domain name to the login (DOMAIN\USER). It was defaulting to a local account

I'd configured the settings below but I was still getting the same error when trying to change the identity of the new application pool using the UI:

'The specified password is invalid. Type a new password.'

• Local Users and Groups
  • Added the Domain Service Account to the local group 'IIS_IUSRS'.
• Local Security Policy
  • Added the domain service account to the policies:
    • Access this computer from the network
    • Deny log on locally
    • Log on as a batch job
    • Log on as a service

The method that worked for me was to ditch the UI and do it via the command line using appcmd.exe.

%windir%\system32\inetsrv\appcmd.exe set config /section:applicationPools /[name='APP_POOL_NAME'].processModel.identityType:SpecificUser /[name='APP_POOL_NAME'].processModel.userName:DOMAIN\USER_NAME /[name='APP_POOL_NAME'].processModel.password:PASSWORD 

This method is described in the article:

http://technet.microsoft.com/en-us/library/cc771170(v=ws.10).aspx

The user account you specify must have "Access this computer from the network" user right in group policy.

If this is server is joined to a domain, will need to add this right via Group Policy -> Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment.

For me it was because I didn't mention the domain name as part of the user name

Another common cause for this error is long usernames... if you continue to be baffled (as I was), try using the "Pre-Windows 2000" version of the username, as listed in AD (assuming you're using a domain account). Worked for me!

It might also mean that the account is Locked Out (too many failed login attempts before), which you can configure in the Local Users and Groups MMC.

I faced the same problem. It baffled me as the message says there is something wrong with the password. It turned out that the account I was trying to use did not have logon rights on the IIS Server. I added the account to the local Administrators group to resolve the issue - if that's not an option then we have to somehow give the account logon rights to the computer.

The standard windows password rules in the security manager do apply. I believe you have to use an existing account, and that users assigned password. If the security manager was configured after the user account was setup, and the password does not expire, then they may have weaker password rules than the currently existing ones which could create a conflict.

In server 2008R2 %windir%\system32\secpol.msc /s should bring up the local security policy Not sure if its the same in other OS versions.

I met the same issue and solved with typing username which following domain name. As the pic shown. And entered the windows login password then it works.

enter image description here

Getting Error - The specified password is invalid.Type a new password.

Use the below command from the CMD and it will fix the issue-

%windir%\system32\inetsrv\appcmd.exe set config /section:applicationPools /[name='APP_POOL_NAME'].processModel.identityType:SpecificUser /[name='APP_POOL_NAME'].processModel.userName:DOMAIN\USER_NAME /[name='APP_POOL_NAME'].processModel.password:PASSWORD

For me, it was that the domain user had to be a member of the IIS_IUSRS group. Added the user to the group via Computer Management -> Users and Groups, restarted the app pool and all was well.

I have found that it must be a local account on IIS server, rather than a domain account.

I've been perplexed by this before as well, and tried everything else mentioned in all previous replies, to no avail. In my case, I was trying to use a local user that I created myself (for a developer machine), but my problem was that I had not unchecked the "User must change password at next logon" checkbox on the properties of the User in the Computer Management tool when creating the User. This is yet another scenario that can result in this very generic error message from IIS. Unchecking this fixed the issue immediately.

I tried the command John suggested to set the password through the command line. Since my application pool has spaces in the name, I got this error message:

Failed to process input: The parameter 'Sites'].processModel.identityType:SpecificUser' must begin with a / or - (HRESULT=80070057).

I was able to set the password with the following command:

%windir%\system32\inetsrv\appcmd.exe set config "/section:applicationPools /[name='APP_POOL_NAME'].processModel.identityType:SpecificUser" "/[name='APP_POOL_NAME'].processModel.userName:DOMAIN\USER_NAME" "/[name='APP_POOL_NAME'].processModel.password:PASSWORD" 

I bumped in to this problem but my solution was something different

I was using a VM and by default the VM created an administrator user but created it without a password.

I had to go out of IIS, in to user settings, add a password to my user and then back to IIS. I then entered the details accordingly and the whole thing worked :-)

I mistakingly thought I was creating a new user here for IIS - I don't believe that is the case you must use an existing user (as in a Windows user).

For me it was in my haste to follow the instructions for creating a merge agent account for replication I had left "User must change password at next logon" ticked. Make sure that the user does't have this ticked.

If you are using a gMSA service account you have to enter domani\account$, meaning add a dollar sign at the end of your username.

Use Your Laptop Password it worked for me.