Long passwords are more secure, period. As you might suspect, there are more permutations and combinations to try when one is attempting to crack a machine via brute force, and common English words, on which a dictionary attack can be based, are generally shorter than eight characters in length. By the same token, passwords that have not been changed in a long time are also insecure. Although most users grudgingly change their passwords on a regular basis when encouraged by administrators, some accounts—namely the Administrator and Guest accounts—often have the same password for life, which makes them an easy target for attack.
To counter these threats, consider setting some basic requirements for passwords. To set these restrictions on individual workstations and Windows Server 2008 member servers, follow these steps:
1. Open the MMC and navigate to the Local Security Policy snap-in. You usually access this by selecting Start --> All Programs --> Administrative Tools.
2. Navigate down the tree, through Security Settings, to Account Policies.
3. Click Password Policy.
4. Enable the "Passwords must meet complexity requirements" setting.
5. Change the "Minimum password length" to a decent length. I recommend eight characters. (I must note here that I prefer passwords longer than 14 characters, but I predict that you will encounter serious user resistance to such a move.)
6. Change the "Maximum password age" setting to a conservative setting. I recommend 90 days.
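To confirm that the three settings above actually took effect on a workstation or member server, the following PowerShell audit (an added example, not from the book) exports the effective local policy with secedit and compares it against the recommended values; it assumes an elevated session and that the INF key names PasswordComplexity, MinimumPasswordLength and MaximumPasswordAge are present in the [System Access] section.

```powershell
# Added audit example (not from the book): export the effective local security
# policy with secedit and compare the password settings to the recommendations.
# Run from an elevated PowerShell session.
$inf = Join-Path $env:TEMP 'local-policy.inf'
secedit /export /cfg $inf /areas SECURITYPOLICY | Out-Null

# Parse the [System Access] section of the exported INF into a hashtable.
$settings  = @{}
$inSection = $false
foreach ($line in Get-Content $inf) {
    if ($line -match '^\[(.+)\]$') { $inSection = ($Matches[1] -eq 'System Access'); continue }
    if ($inSection -and $line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') {
        $settings[$Matches[1]] = $Matches[2]
    }
}

# Recommended values from the steps above: complexity on, at least 8 characters,
# expiry within 90 days (a MaximumPasswordAge of -1 means "never expires").
$checks = @(
    @{ Name = 'PasswordComplexity';    Expected = '1';    Test = { param($v) [int]$v -eq 1 } },
    @{ Name = 'MinimumPasswordLength'; Expected = '>= 8'; Test = { param($v) [int]$v -ge 8 } },
    @{ Name = 'MaximumPasswordAge';    Expected = '1-90'; Test = { param($v) [int]$v -ge 1 -and [int]$v -le 90 } }
)

foreach ($c in $checks) {
    $actual = $settings[$c.Name]
    $ok = ($null -ne $actual) -and (& $c.Test $actual)
    '{0,-24} actual={1,-4} expected={2,-6} {3}' -f $c.Name, $actual, $c.Expected, $(if ($ok) { 'OK' } else { 'FAIL' })
}

Remove-Item $inf -ErrorAction SilentlyContinue
```

A FAIL on a member server usually means a domain GPO is overriding the local setting, so check the resulting policy there before editing the local snap-in again.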