Re: strong passwords

From: Ryan Hanisco (rhanisco_at_flagshipis.com)
Date: 01/17/05

Next message: Ryan Hanisco: "Re: Multiple logon scripts assigned with Active Directory"
Previous message: Brian Higgins: "Re: AD object security settings getting erased"
In reply to: Flavio Alves: "strong passwords"
Next in thread: Herb Martin: "Re: strong passwords"
Reply: Herb Martin: "Re: strong passwords"
Messages sorted by: [ date ] [ thread ]

Date: Mon, 17 Jan 2005 11:39:42 -0600

Flavio,

You will not see an impact to your end users until they are forced to change
their passwords. Then the complexity requirements will go into effect.
Brace yourself for the helpdesk calls and public outcry. Do yourself a favor
and send out a notice, e-mail, newsletter, whatever outlining the change,
and give them warning.

Make sure you understand what a strong password is. Most people, not in IT,
will be shocked at the requirements and take it personally that you are
making their lives harder. Also, you may actually see a reduction in
security as people write these things down and store them under their
keyboards.

Good PR and management buy in are the only way to really effect this change.

-- 
Ryan Hanisco
MCSE, MCDBA
Flagship Integration Services
"Flavio Alves" <FlavioAlves@discussions.microsoft.com> wrote in message
news:3454A86B-CEC4-4463-969F-C0A302B86C69@microsoft.com...
> In my company , we are applicating strong passwords and i have the
following
> consiguration
> - enforce password history = 12
> - maximum password age = 90 days
> - minimum password age = 0
> - minimum password lenght = 6
> - password must meet complexity ... = disable
> - store passwords using .... = disable
> Now , after changes will to stay of following form .
> - enforce password history = 14
> - maximum password age = 45 days
> - minimum password age = 0
> - minimum password lenght = 8
> - password must meet complexity ... = enable
> - store passwords using .... = disable
>
> What´s the impact in my ambient, that  will occur with all workstation im
my
> company ?
>

Next message: Ryan Hanisco: "Re: Multiple logon scripts assigned with Active Directory"
Previous message: Brian Higgins: "Re: AD object security settings getting erased"
In reply to: Flavio Alves: "strong passwords"
Next in thread: Herb Martin: "Re: strong passwords"
Reply: Herb Martin: "Re: strong passwords"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: password requirements
... > users staff and pupils. ... > and standard passwords on pupils. ... Password complexity requirements (as well as history, ...
(microsoft.public.windows.server.active_directory)
Re: How to create custom password filters
... Where did you set the 'Passwords must meet complexity requirements' option? ... you are only allowed one password policy - which is usually within ... >>> server. ...
(microsoft.public.windows.server.security)
Re: Password Quality checker
... for the complexity you are looking for. ... On our web apps at work it ... have met the proper complexity requirements. ... whether the passwords they choose meet the organization's policy. ...
(Security-Basics)
Re: Passwords
... of passwords that no user can use. ... >can tie the complexity with other available options, ... >> How do you modify the parameters for password policies? ... I chose to use the complexity requirements ...
(microsoft.public.windows.server.general)
RE: BlackList Passwords
... You can enable "Passwords Must Meet Complexity Requirements" which should ... Windows 2000 Server" paper. ... Passwords that contain only alphanumeric characters are extremely easy to ...
(microsoft.public.win2000.security)