Password policies
Password policies make it possible to restrict the choice of passwords for user accounts, forcing users to choose secure passwords. A separate password policy protects the system against the use of weak passwords. Set the length and complexity of the user passwords used.
- 1. Open the Control Panel and select Administrative Tools > Local Security Policy.
- 2. Select Account Policies > Password Policy in the window that opens
- 3. Specify the password policy settings.
- 4. To set a maximum password age, a time period (in days) can be defined for the policy Maximum password age before the system prompts the user to change the password.
- 5. In order to demand a password complexity, the policy Password must meet complexity requirements can be set. On enabling this policy, any passwords set in future must contain at least upper case letters, lower case letters, numbers and special characters.
- 6. To prevent attacks to guess user authentication data, the settings can be set at Account Lockout Policy. Set the number of failed login attempts after which a user account should be locked out. You can use the Account lockout duration policy to set the duration in minutes that a locked account remains locked before it is automatically unlocked.
- Definition of the password policies