[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 200
  • Last Modified:

Can a virus cause passwords to expire on a network?

At my job every network login that did not have the "password never expires" checkbox checked in Active Directory was prompted to change passwords.  Individually, user accounts did not have a expiration date.  After looking more in depth I found a group policy for the entire district where passwords have a max age of 45 days.  However, I don't believe that anyone specifically set that.  Can a virus set that policy?  

In addition we had to temporarily shut down our firewall that was incorrectly blocking secure traffic.
0
AtypicalIC
Asked:
AtypicalIC
  • 3
  • 2
1 Solution
 
thstephCommented:
that's a group policy and is intended for maximizing the security, not minimizing it ... don't thing a virus could do that.

regards
0
 
thstephCommented:
btw ... isn't that the default policy for expiration of password?
0
 
AkhaterCommented:
the 45 days comes by default
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
AtypicalICAuthor Commented:
I know it sounds crazy to complain that a security policy is suddenly enforced. However, the odd thing is that  ALL the passwords expired at the same time even though passwords were definitely not assigned at the same time and many were, according to the policy, expired days months and even possibly years ago.

On the opposite side, is there anything that would have prevented the policy from working normally that suddenly allowed it (perhaps the firewall was blocking a network trigger message)?
0
 
AkhaterCommented:
you are talking about the default domain policy right ? The default settings in 45  days on windows 2003

did you upgrade your domain from 2000 to 2003 or something similar ?

btw why is this question in the exchange section ?
0
 
thstephCommented:
the one and only time I faced a virus changing my password on a server was for my SA password on MSSQL. never for security policy. either way, if your policy remains on 45 days, just leave it as is an d monitor it a bit. see if it actually exparies on 45 days. maybe you have forced the group pilicy forcing the passwords to expire on the same day!!
you could always try setting it to a lower number for easier monitoring
regards
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now