[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

AD - password rest

Posted on 2011-04-27
8
Medium Priority
?
290 Views
Last Modified: 2012-05-11
Hey all, what is the longest we can set the password policy for users to have to change their passwords? Is it 180 days?
0
Comment
Question by:dealstrike
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35477366
Maximum password age can be up to 999 days

http://technet.microsoft.com/en-us/library/cc736566(WS.10).aspx

Thanks

Mike
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 35477380
Forever. Set the max age to 0.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 35477463
Good catch Jm, forgot to put that in from the link

or you can specify that passwords never expire by setting the number of days to 0
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:dealstrike
ID: 35477467
Thanks, is there a way to make it so that users cannot user passwords with certain words in them?
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 35477473
Look at Specops Password Policy tool.

http://www.specopssoft.com/products/specops-password-policy 
0
 
LVL 22

Expert Comment

by:Joseph Moody
ID: 35477479
Thanks Mike. I was just being "technical".
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 35477502
The maxium password age is between 0 - 999 and if it is set to 0 it never expires. Please refer to the link below and this will explain things more clearly.

http://technet.microsoft.com/en-us/library/cc875814.aspx
0
 
LVL 43

Accepted Solution

by:
Adam Brown earned 2000 total points
ID: 35477577
There isn't a built in method for changing the password complexity requirements in Windows. You can set it to require complex passwords, but the definition of what constitutes a complex password is controled by a DLL that is pretty difficult to modify by hand. The Specops software jmoody linked to should help you with doing that, though.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question