[Last Call] Learn how to a build a cloud-first strategyRegister Now


Prevent the Use of Certain Passwords in Windows Server 2008R2

Posted on 2011-04-23
Medium Priority
Last Modified: 2012-08-14
Is there a way in GPO or other to prevents certain passwords y server users.  I have Windows Server 2008R2.  Is there a way to stop the use of certain passwords, like "password", "1234567", etc.  In windows server is there a way to create a password blacklist?
Question by:wmandallp

Accepted Solution

npinfotech earned 668 total points
ID: 35455193
Server 2008 has policies that can be enabled to prevent this: http://www.windowsitpro.com/article/passwords/windows-server-2008-password-policies
LVL 20

Assisted Solution

by:Svet Paperov
Svet Paperov earned 668 total points
ID: 35456138
The default password policy on Windows Server 2008 requires at least 3 of the following 4 elements: capital letter, small letter, number, and symbol; the password must be at least 7 characters long and must be changed every 42 days. Also, it cannot include the part of the username.

You can modify the account password policy using secpol.msc on a stand-alone server or through the Default domain GPO in domain environment.

So, lazy passwords like those are not allowed, however there is password blacklist.
LVL 10

Assisted Solution

abbright earned 664 total points
ID: 35456498
There are 3rd-party tools which let you define more fine-grained policies:
- http://www.specopssoft.com/products/specops-password-policy
- http://anixis.com/products/ppe/default.htm

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question