Password difficulty and Password change frequency

Posted on 2006-03-22
Last Modified: 2013-12-04
Hi all,

I was testing the password policy for windows 2000 server and somthing has happened which i want to undo.

1. users are all getting different password change message time, they used to have to change it on the same day with a warning over a few days or more now they get a same day warning.

2. I enforced complexity and it only accepts certain complex passwords that should be accepted.

I want to be able to make sure the users are all prompted at the same times for password change and that it is accepting the passwords they enter.

the password requirements are 6 characters with numbers and letters


Question by:CyberIDentity
    LVL 9

    Accepted Solution

    Unless you go and expire all users passwords with a script, users will be prompted to change them based on your max password age and when they decide to change their passwords once they start receiving warnings that they'll need to change them within X days.

    The "X" number of days can be changed by updating the default domain policy GPO with the following setting:
    Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Interactive Logon: Prompt user to change password before expiration

    Also, password complexity means 2 out of 3 of: mixed-case, numbers and punctuation in addition to no part of the user's logon ID or name.
    LVL 9

    Expert Comment

    Actually, changing this setting to 0 might lock your users out, requiring you to go in and unlock their accounts.  You probably don't really want this to happen.

    You might rather want a script that runs, forcing users to change their password at next logon.
    LVL 9

    Expert Comment

    If you were running Windows Server 2003 on your DCs you'd be able to use dsquery/dsmod commands to force a change at next logon.  However, since you're running Windows 2000 Server, you could still use a VB Script to accomplish the task.  See for an example script.
    LVL 1

    Author Comment


    Thanks for the fast and detailed responses.

    I will put them in the grinder for processing :)



    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Suggested Solutions

    This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
    Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now