5/5/11

Windows Password Rules

    • The Windows Password Policy is set by an administrator and forces users to perform certain steps related to account security, such as creating passwords of a minimum length and forcing users to change their passwords at regular intervals. Although password policies require more work for a user and administrator, not enforcing them results in an insecure system with users who can be easily targeted by attackers.

    Password Must Meet Complexity Requirements

    • Users receive a "Password must meet complexity requirements" violation if they attempt to set a password that is not at least six characters long, does not have a mix of upper and lowercase letters, or contains the user's real name or user name.

    Enforce the Password History

    • Enforcing the password history prevents users from creating passwords that are the same as one they have recently used. You can tell Windows how many past passwords it should check for this, and for how long it should save them. This is done so that a previously leaked or widely known password cannot simply be brought back into use.

    Maximum Password Age

    • A maximum password age rule sets the number of days that a password will be valid for. Once this time has passed, the user will not be able to log in until the password has been reset. Microsoft recommends that you set a password to a maximum age of 70 days to keep the system secure.

    Minimum Password Age

    • Some users will change their password and then immediately change it back to their old, familiar one to get around the password history rule. You can prevent this behavior by requiring the user to wait between password changes, giving them time to acclimate to their new password before allowing them to change it again.
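The four rules above interact: minimum age is checked before anything else, then complexity, then history, and only a change that passes all three is recorded and restarts the maximum-age clock. The following is an added example, not Microsoft's code or the Windows implementation, that models that evaluation order in Python. The 6-character minimum and 70-day maximum age are the figures from the text; the history size of 5 and minimum age of 1 day are assumed defaults chosen for the example. The complexity check counts character classes and requires three of four (uppercase, lowercase, digit, other), which is how Windows documents the rule and is slightly stricter than the summary above; the name check rejects the user name and any full-name token of three or more characters.

```python
"""Toy evaluator for the Windows password rules described above.

Added example, not Microsoft's implementation. Thresholds: 6 characters and
70 days come from the text; history_size=5 and min_age_days=1 are assumed.
"""
from dataclasses import dataclass, field
from datetime import date
from typing import List, Optional, Tuple
import hashlib
import re


@dataclass
class PasswordPolicy:
    min_length: int = 6          # from the text
    min_categories: int = 3      # Windows complexity: 3 of 4 character classes
    history_size: int = 5        # assumed default for the example
    max_age_days: int = 70       # from the text
    min_age_days: int = 1        # assumed default for the example


@dataclass
class Account:
    username: str
    full_name: str
    history: List[str] = field(default_factory=list)   # hashes, newest first
    last_changed: Optional[date] = None


def _h(password: str) -> str:
    # Toy hash for the history list only; a real store uses salted, slow hashes.
    return hashlib.sha256(password.encode()).hexdigest()


def complexity_violations(password: str, account: Account,
                          policy: PasswordPolicy) -> List[str]:
    """Return every reason the password fails 'must meet complexity requirements'."""
    reasons = []
    if len(password) < policy.min_length:
        reasons.append(f"shorter than {policy.min_length} characters")
    categories = sum([
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    if categories < policy.min_categories:
        reasons.append(f"only {categories} of 4 character classes")
    lowered = password.lower()
    if account.username and account.username.lower() in lowered:
        reasons.append("contains the user name")
    # Windows rejects full-name tokens of three or more characters.
    for token in re.split(r"[ ,.\t_-]+", account.full_name):
        if len(token) >= 3 and token.lower() in lowered:
            reasons.append(f"contains part of the full name ({token})")
    return reasons


def history_violation(password: str, account: Account,
                      policy: PasswordPolicy) -> bool:
    """True if the password matches one of the last history_size passwords."""
    return _h(password) in account.history[:policy.history_size]


def age_status(account: Account, policy: PasswordPolicy,
               today: date) -> Tuple[bool, bool]:
    """Return (expired, change_allowed) from the maximum and minimum age rules."""
    if account.last_changed is None:
        return True, True
    age = (today - account.last_changed).days
    return age >= policy.max_age_days, age >= policy.min_age_days


def try_change(account: Account, new_password: str, policy: PasswordPolicy,
               today: date) -> Tuple[bool, List[str]]:
    """Apply minimum age, complexity and history; record the change on success."""
    _, allowed = age_status(account, policy, today)
    if not allowed:
        return False, ["minimum password age not reached"]
    reasons = complexity_violations(new_password, account, policy)
    if history_violation(new_password, account, policy):
        reasons.append("password was used recently")
    if reasons:
        return False, reasons
    account.history.insert(0, _h(new_password))
    del account.history[policy.history_size:]   # keep only the configured window
    account.last_changed = today
    return True, []


if __name__ == "__main__":
    # Constructed sample account; the dates are illustrative.
    acct = Account("jsmith", "John Smith", last_changed=date(2011, 1, 1))
    print(age_status(acct, PasswordPolicy(), date(2011, 5, 5)))  # expired
    print(try_change(acct, "Summer2011!", PasswordPolicy(), date(2011, 5, 5)))
    print(try_change(acct, "Summer2011!", PasswordPolicy(), date(2011, 5, 7)))
```

Storing only hashes in the history list mirrors what the history rule needs: Windows has to recognise a reused password without keeping the old plaintext around, and the age bookkeeping shows why minimum age matters, since without it the second call in the demo would be able to cycle through the history window in seconds.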
