When enabled, all SQL Server authenticated logins on the instance are checked to ensure they are set to be validated via the windows policy option (if supported by the version of SQL Server). This ensures SQL Server authenticated logins follow the configured complexity and lockout policies as defined by Windows.
If a login is found not to be configured to use Windows policy validation then this will raise a compliance alert. The resolution of this alert can be automated to ensure all logins meet policy requirements.
NOTE: You can exclude specific logins from from this validation by using the Exclude SQL Logins from Policy Checks option.
NOTE: This setting can also be overridden at the individual login level, if you wish to enable certain logins to not meet policy requirements.