By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
I have a GPO set on my domain and a password policy set to a minimum of eight characters in length. My boss wants me to add a check to make sure that at least three characters are changed when the passwords expire. Can that be done? If not, is there a third party solution for extended password security control?
If you set the password policy history setting, i.e. set it to remember a number of past passwords, no user will be able to reuse his current password, or any of the last few (depending on the setting.) The user will not be prevented from using the same characters, but the password will be different.