Q

Managing a password policy

Sometimes, your password security policy doesn't enforce the rules exactly the way you want them to. In times like this, look to the password management advice Kevin Beaver offers here.

I am using a Windows Server 2003 system. I have set up a test network, which is a copy of the live network. I have changed the default password policy to:

Enforce password history is three passwords, maximum age (these are temporary settings) will be 62 days, minimum age, two days
Minimum length, eight characters
Password complex enabled

The password policy is not working as I have added some passwords and have had a seven-character password. How can I solidify and enforce these password settings?

Have you restarted the server? If you can't, try running gpupdate at a command prompt to refresh the policy. There could be a policy conflict on the server that's overriding the policy you set. Set the policy for the domain (or group) and if that doesn't do it, try setting a local policy, which will apply to the server itself. And then see what happens.


More on password management

  • Password cracking and hardening
    Learn the abc's of password cracking and password hardening with this advice from Jonathan Hassell and Kevin Beaver.

  • Password security FAQs
    Check out this collection of recent password security questions for advice on cracking through a locked hard drive and what to do if you forget your password.

  • Password Hardening Journal
    One oft-forgotten element of a secure organization is password security. Check out our Windows security journal to find out how to secure your organization at this level.

This was first published in April 2007

Dig deeper on User passwords and network permissions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close