RE: User cannot change password
From: S.J.Haribabu (sjhari_at_microsoft.com)
Date: 07/27/04
- Next message: Dan Varozza: "Can't browse trusted domain"
- Previous message: John: "Limiting concurrent connections"
- In reply to: Jeremy_at_gilbarco: "User cannot change password"
- Next in thread: Jeremy_at_gilbarco: "RE: User cannot change password"
- Reply: Jeremy_at_gilbarco: "RE: User cannot change password"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 27 Jul 2004 17:43:46 GMT
Hi Jeremy,
Make sure that the password users give meet the complexity requirements.
Simply having a password isn't enough. The key to preventing unauthorized
access to network resources is to use secure passwords. The difference
between an average password and a secure password is that secure passwords
are difficult to guess and crack. You make passwords difficult to crack by
using combinations of all the available character types—including lowercase
letters, uppercase letters, numbers, and symbols. For example, instead of
using happydays for a password you would use haPPy2Days&, Ha**y!dayS, or
even h*PPY%d*ys.
This Password policy might have enabled in Group policy. The policies are
given below.
Minimum Password Length
Minimum Password Length sets the minimum number of characters for a
password. If you haven't changed the default setting, you'll want to do so
immediately. The default is to allow empty passwords (passwords with zero
characters), which is definitely not a good idea.
For security reasons, you'll generally want passwords of at least eight
characters. The reason for this is that long passwords are usually harder
to crack than short ones. If you want greater security, set the minimum
password length to 14 characters.
Passwords Must Meet Complexity Requirements
Beyond the basic password and account policies, Windows 2000 includes
facilities for creating additional password controls. These facilities are
available in the password filters, which can be installed on a domain
controller. If you've installed a password filter, enable Passwords Must
Meet Complexity Requirements. Passwords are then required to meet the
filter's security requirement.
For example, the standard Windows NT filter (PASSFILT.DLL) enforces the use
of secure passwords that follow these guidelines:
• Passwords must be at least six characters long.
• Passwords can't contain the user name, such as stevew, or parts of the
user's full name, such as Steve.
• Passwords must use three of the four available character types: lowercase
letters, uppercase letters, numbers, and symbols.
Jeremy, please let me know if users are unable to change their password
even after giving secure one.
Thanks,
sjhari@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: Dan Varozza: "Can't browse trusted domain"
- Previous message: John: "Limiting concurrent connections"
- In reply to: Jeremy_at_gilbarco: "User cannot change password"
- Next in thread: Jeremy_at_gilbarco: "RE: User cannot change password"
- Reply: Jeremy_at_gilbarco: "RE: User cannot change password"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
