Though the password expiration policy is one that many organizations use, you may want to think twice about adopting it. The default is 42 days, but you can set this to anywhere from 1 day (not advisable!) to 999 days ( Figure B). This policy forces users to change their passwords on a regular basis by expiring them after a certain period of time. If you enable password history, you can set a specific number of previous passwords that cannot be reused, anywhere from 1 to 24 ( Figure A). The purpose is to ensure any previous password that potentially may have been leaked or stolen is not reused. This policy restricts users from creating passwords they've already used. SEE: How to reduce user account lockouts and password resets (free PDF) (TechRepublic)Įnforce password history. You'll find the specific policies that you can set. At the Local Group Policy editor, navigate to the following setting: Computer Configuration | Windows Settings | Security Settings | Account Policies | Password Policy. You can then segue to your domain's Group Policy console when it's time to create and deploy the settings for everyone.ģ. You may want to test this out on your current computer initially by using the local Group policy editor. (The following policies can be applied to Windows 7, 8.1, and 10 clients.)ġ.
If you use Group Policy at your company, you can at least set certain password policies to ensure a minimum level of security. Users would prefer to use simple Windows passwords that are easy to remember and type, but you want those passwords to be strong and complex as a way to protect your users and business. Passwords are always a frustrating catch-22 for any organization.
0 kommentar(er)
