Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 668
  • Last Modified:

Windows Maximum Password Age

Hi, I am trying to setup security policies on a XP machine and I have the following question.  I have two accounts (both Admin) but one with a blank password, and the other with a regular password.  I need to enforce a "maximum password age" policy, and I found where you set that up in the registry
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]

Open in new window

maximumpasswordage

Open in new window

but my real question is, if I have this set to say 90 days, will it enforce this policy for any accounts that have a "blank" passwords or only for one's that have a real password associated with the account.

My issue is, the account with the blank password needs to auto-login everytime, and I don't want to have a situation where on day 90 it does not auto-login and hangs-up because it needs to have a password changed...

Please help :)
0
arunykand
Asked:
arunykand
  • 5
  • 4
1 Solution
 
abbrightCommented:
I believe that the password expiry options acts on all accounts whether they have a password set or not. If you want to prevent this for a single account you can set the "password never expires" option on the account itself. Then it won't expire even after the 90 days.
0
 
grayeCommented:
I'm pretty sure that the Maximum Password Age is a "global" setting... that affects all acounts.

So, I'd be thinking that it *would* mess up your auto-login at the end of 90 days
0
 
arunykandAuthor Commented:
Ok, so I would go to the account ( via control userpasswords2) with the blank password and check the 'password never expires' and then make the registry edit that I mentioned above, and that will enforce the password expiry date globally, but will not affect any accounts with the 'pwd never expires' option checked? Is that correct?

BTW, i've noticed that if I run the reg mod I mentioned in my post, it changes the reg entry, but it does not change maximum password age under local security settings, why is that?
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
abbrightCommented:
yes to the first question. Regarding the second there is a long discussion about this topic here: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/Q_22066588.html
0
 
arunykandAuthor Commented:
Ok got it for the first one....Now regarding the second question I had, so which one applies for maximum password age, the one that is set in the registry, or the one that is set in local security settings? (This is a stand-alone WinXP pc, no domain, etc)?  (Registry says 90 days, local sec settings displays 42)
0
 
arunykandAuthor Commented:
Not sure if I should update the maximum password age via registry or via local security settings since updating the registry does not seem to update the other and I was trying to avoid doing this manually via local security settings.
0
 
abbrightCommented:
I'm not sure what the registry value does. I'd use the local security setting as that's the "official" way to do it.
0
 
arunykandAuthor Commented:
Hmm, that's what I was afraid of.....I was hoping for ease of use, have all my mods in a reg file and just execute that instead of messing around with local security settings.  
0
 
abbrightCommented:
Here's a link from Microsoft giving you the right registry setting: http://support.microsoft.com/kb/555540/en-us
0
 
arunykandAuthor Commented:
Thanks for the help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now