Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Step by step implementation of password policy settings
Setting up a good password policy for your organization can help prevent an attacker from playing the role of a legitimate user and thereby prevent data loss, sensitive information disclosure.
Review part I: Set up a secure password system
In this section we will provide you with step-by-step instructions on advanced security by implementing password settings on the computers in your organization.
- Configure password policy settings in an Active Directory-based domain
- Configure password policy settings on individual computers
Configure password policy settings in an Active Directory domain
Request
• Requirements : You must be logged in as a member of the domain admin group.
• Tools : Active Directory Users and Computers
• To enforce password policies on the computer system of an Active Directory domain
- Go to Start > Control Panel , double-click Administrative Tools, and then double-click Active Directory Users and Computers .
- Right-click on the domain root
- Select Properties from the menu that appears:
Step by step implementation of password policy settings Picture 1
Note : The image in this document is a test environment and information may change with the information displayed on your screen. - In the properties dialog box, select the Group Policy tab, and then click New to create a new group policy object in the domain root. Enter " Domain Policy " for the name of the new policy and then click Close .
Note : Microsoft recommends that you create a new Group Policy object instead of editing the so-called Default Domain Policy because it is easier to recover important issues with security settings. . If new security settings cause problems, you can temporarily disable the new Group Policy object until you isolate those settings. - Right-click on the domain root, then click Properties .
- In the properties dialog box, click the Group Policy tab, and then select Domain Policy .
- Click Up to move the new GPO to the top of the list, then click Edit to open the Group Policy Object Editor for the GPO you created.
- Under Computer Configuration , navigate to the Windows SettingsSecurity SettingsAccount PoliciesPassword Policy folder
Step by step implementation of password policy settings Picture 2 - In the details pane, double-click Enforce password history , select Define this policy setting , set the value of Keep password history to 24 and then click OK .
Step by step implementation of password policy settings Picture 3 - In the details window, double-click Maximum password age , select Define this policy setting and set the value of Password will expire in 42 , click OK then click OK to close the Suggested Value Changes window that appears.
Step by step implementation of password policy settings Picture 4 - In the details window, double-click Minimum Password Age , select Define this policy setting and set the value of Password to be changed after is 2 and then click OK .
Step by step implementation of password policy settings Picture 5 - In the details window, click Double Minimum Password Length , select Define this policy setting and set the value of the Password to be at least 8 and then click OK .
Step by step implementation of password policy settings Picture 6 - In the details window, double-click Password must meet complexity requirements , select Define this policy setting in the template , select Enabled then click OK .
Step by step implementation of password policy settings Picture 7 - Close the Group Policy Object Editor , click OK to close the domain properties dialog box, and then exit Active Directory Users and Computers .
Check for new settings
Use the procedure below to check if the appropriate password policy settings have been accepted and valid in the GPO Domain Policy. Check their settings and operations to make sure that the correct password policies are applied to domain users.
Request
• Requirements : You must be logged in as a member of the Domain Admins group
• Tools : Active Directory Users and Computers.
• To check password policy settings for an Active Directory domain
- Open Active Directory Users and Computers , right-click your domain, then click Properties .
- In the properties dialog box, click the Group Policy tab, select the Domain Policy GPO, and then click Edit to open the Group Policy Object Editor .
- Under Computer Configuration , go to the Windows SettingsSecurity SettingsAccount PoliciesPassword Policy folder and check if your settings are correct with the settings shown here:
Step by step implementation of password policy settings Picture 8 - Close the Group Policy Object Editor , click OK to close the properties dialog for your domain, then exit Active Directory Users and Computers .
- Checking to ensure that users cannot specify passwords shorter than 8 characters, unable to create complex passwords and cannot immediately change their new passwords.
Configure password policy settings on stand-alone computers
Request
• Requirements : You must be logged in as a member of the Administrators group.
• Tool : Local Security Policy.
• To implement password policy on non-Active Directory computer systems, proceed as follows:
- Go to Start , click Control Panel , double-click Administrative Tools and then double-click Local Security Policy .
- Navigate to the Account PoliciesPassword Policy folder.
- In the details window, double-click Enforce password history , set the value of Keep password history to 24 , and then click OK .
- In the details window, double-click Maximum password age , set the value of Password will expire in to 24 , and then click OK .
- In the details window, double click on Minimum Password Age , set the value of Password can be changed after 2 , then click OK .
- In the details window, double click on Minimum Password Length , set the value of Password to be at least 8 , then click OK .
- In the details window, double-click the Password must meet complexity requirements , select Enabled, and then click OK .
- Close Local Security Policy .
Check for new settings
Request
• Requirements : You must be logged in as a member of the Administrators group.
• Tool : Local Security Policy.
• To check password policy settings for this computer system, follow these steps:
- Open Local Security Policy , navigate to the Account PoliciesPassword Policy folder and check if your settings are correct for the settings shown here:
Step by step implementation of password policy settings Picture 9 - Close Local Security Policy .
- Check to ensure that users cannot specify passwords that are shorter than 8 characters, cannot create non-complex passwords, and cannot change their new passwords immediately.
5 ★ | 1 Vote
Kareem WintersYou should read it
- How to reset Local Group Policy settings on Windows 10
- Group Policy special security settings
- Top 5 security settings in Group Policy of Windows Server 2008
- Turn off password display in Windows 8 when logging in
- 10 important Windows Group Policy settings need to be done immediately
- How to Remove a Password on Windows
- How to Change Your Password in Windows 8
- How to check and access UEFI settings on Windows 10
- Configure App-V with Group Policy Objects
- How to Turn Off Password Login on a Mac
- How to Change How Long Until a Mac Asks for Your Password
- How to Find Forgotten WiFi Password
Maybe you are interested
Instructions to fix double click error on computer mouse - Click once becomes twice
PowerToys will soon support creating app spaces and launching with just one click
Turn Windows 11 interface into Windows 10 with just one click
Fix right-click issue on Windows 10
Do not click on strange links or your phone will be hijacked
Banana, a game that only involves clicking on a banana, reached TOP 1 on Steam
Malware will not be detected
How to be safe on a wireless network
Methods of protecting personal information with solid passwords
Security tool all in one
Apache 2.0 with SSL / TLS protocol: Step by step instructions
Secure data in USB card