• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 775
  • Last Modified:

Question about "Password must meet complexity requirements" in GP

Our current password policies at our organization or not as strong as we would like them. We would like to empliment the GPO setting (Password must meet complexity requirements). We know how to do this, however we don't know how it will behave after we switch it on. For example,

1. Will it prompt users right away (the ones that don't meet password complexity requirements) to change at next logon?

2. before we switch it on could we "pre" change users passwords to meet the requirements before deployment? This way we could somewhat control the amount of helpdesk phone calls we recieve. If we do this will the setting wipe out the passwords that we just set (the ones that meet the complexity requirements.?

1 Solution
1. Enabling the policy will have no influence on existing passwords; there is no way to determine whether an existing passwords meets any complexity requirements, because only a hash is stored, not the password itself.
The only thing that will have an influence is the "Password expires after"; passwords that haven't been changed for more than the number of days will expire as soon as the policy is enabled.
2. Since existing passwords aren't checked against the requirements, there's no need for that. You should, however, inform your users about the new requirements.
Toni UranjekConsultant/TrainerCommented:
1. No, users will have to change their passwords after their passwords expire.
2. I don't quite understand this part of your question. ;)

Complex password are not the key to security, you would be way ahead of the game with longer pasphrases. Any simple phrase (for example phrase/sentence with 15 characters) is better than 8 characters random generated password.
tludl880Author Commented:
thanks for the help will do!

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now