• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 672
  • Last Modified:

separate password policies for local accounts in windows 8

I have a client who is currently upgrading all computers to windows 8 pro from XP pro. The previous IT guy setup all the local computers with several different local accounts for each user on per computer (this is a medical clinic) He set the local security policy to be very specific. The medical clinic has strict policies that they have to adhere to.

There is a IT support account that I've always used prior to this and the password has never changed and all the other accounts have to change the password every 90 days. Now where and how do I set this up in windows 8? I've searched for it but cannot seem to find it. I've never set local security policy up on several local user accounts like this, I've always done it within a server/client environment.

I basically want to have a separate policy for one local admin account (password never expire) while all the others follow the normal parameters that will be set.

Thanks for any insight.
1 Solution
btanExec ConsultantCommented:
For local policy, Windows 8 Pro still can use the "secpol.msc". Under the password policy, you should be able to set Maximum password age to 0 and that means it never expires. And setting it to any other negative number is equivalent to setting it to Not Defined.


For info, Local Computer Policy is also known as Local Group Policy in previous versions of Windows.

For Fine-grained password policies apply only to user objects (or inetOrgPerson objects if they are used instead of user objects) and global security groups. This wording is in context of domain instead.

For local policy, it needs user specific Local Group Policy and in this case you will need to use Group Policy Object Editor. Will be good to catch the "Multiple Local Group Policy Scenarios" section in below link


User-Specific Group Policy
Administrators of stand-alone computers can create new local user accounts. When created, Windows stores these new accounts with the list of built-in groups and users on the local computer. Local administrators can use the last layer of the Local Group Policy object, Per-User Local Group Policy objects, to apply specific policy settings to a specific local user.
My answer would have been shorter. Use secpol.msc to set up a pw Policy. Then set the checkbox "pw never expire" on the admin user and you're done.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Tackle projects and never again get stuck behind a technical roadblock.
Join Now