General discussion

Locked

policy

By jacob ·
when i create a user in win2003 AD users and computers,there is a message that password meet complexity and length.i never faced this situation in win2000.i need to configure the Domain Security policy to create an user.is it a default setting?why microsoft gone for a setting like this.is this provides any security?

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to policy

yes. With the advent of W2003 server, the default install password policy is a 7 character lenght minimum, with the use of non alphanumeric characters and capitalization mixed with alphanumeric characters.

Collapse -

by w2ktechman In reply to policy

the corp guys are right. And to answer your other questions, M$ has started to implement Security over ease of use. This is because there are many times more security breaches now than 5 yrs ago.
AND
Yes, a password is more secure, a required alphanumeric password is even more secure. And added password length is more secure. A hacker can possibly hack a 3 or 4 word password policy without much ado. But 8 or 9 w/ alphanumeric and other policies would make it much hardre and they would probably start looking to hack elsewhere.

Collapse -

by JazzyWalid In reply to policy

By defnition, an AD is a security boundery by it self. So you should always think about users passwords with a minimum of 6 char and a 30 day period to change that password. Also consider the number of invalid retries before an account is locked (I prefer 3 times)and the administrator (or anyone with that privilage) should unlock it and the passwords history(6 Passwords).

And before I end this, just remember that these setings should be done on the domain level and not on OUs.

Hope I did help you

Back to Windows Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums