Email User And reset Password

Posted on 2006-03-22
Last Modified: 2013-12-04

I would like a Software package or even create a Scheduled script that could complete the following proceedure on a regular basis

-Generate Random Password - Alpha Numeric
-Inform User of New Password and that it will be changed on Time and Date
-Reset Password on Given Time and Date

I have about 1600 users that i will need to do this for all have mail accounts.

The Network is windows 2003 and Exchange 2003

If it's not possible any advice on password security would be appreciated.

Question by:Levi101
    LVL 18

    Expert Comment

    Have you looked into setting the built in windows password policies?

    Why not require the user's to change their own passwords? That way, you don't have to e-mail them and then risk having passwords transmitted via e-mail.

    You can require users to change their passwords say every 30, 60, or 90 days.  You can also set passsword complexity so that the password has to contain 3 of the following 4: numbers, upper and lower case letters, symbols.  You can also set a min. password length such as 8 characters.  
    LVL 1

    Author Comment

    I have tried this and noticed even if I set the password to contain 8Character, Upper and lowerCase and 3 digits they will creat JoeSmith001 then in 30 days change it for JoeSmith002 etc, etc. This seems a bit pointless to me and not very secure.
    LVL 18

    Accepted Solution

    That's true, but it would still help protect against brute force attacks and the like.

    Also think about this point from a user perspective:

    If you let them create their own passwords then at least maybe they will be more apt to remember then and not write them down and leave them on their desks.  

    If you assign random passwords then more than likely your users will end up writing them down and keeping them near since it will be very hard to remember them. To me, this is much less secure.

    Best practice tends to lean toward teaching your users how to create "good" passwords that are both complex, but easy for them to remember.

    LVL 18

    Expert Comment

    If you were going to generate a random password, I would only do it for the initial one. luv2smile pretty much said it: teach people to create secure passwords... don't just force it on them. Also, have you implemented anything like an account lockout policy for a number of incorrect guesses?

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Join & Write a Comment

    In a recent article here at Experts Exchange (, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
    Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
    This video discusses moving either the default database or any database to a new volume.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now