Step by step implementation of password policy settings

Review part I: Set up a secure password system

In this section we will provide you with step-by-step instructions on advanced security by implementing password settings on the computers in your organization.

  1. Configure password policy settings in an Active Directory-based domain
  2. Configure password policy settings on individual computers

Configure password policy settings in an Active Directory domain

Request

Requirements : You must be logged in as a member of the domain admin group.

Tools : Active Directory Users and Computers

• To enforce password policies on the computer system of an Active Directory domain

  1. Go to Start > Control Panel , double-click Administrative Tools, and then double-click Active Directory Users and Computers .
  2. Right-click on the domain root
  3. Select Properties from the menu that appears:

    Step by step implementation of password policy settings Picture 1

    Note : The image in this document is a test environment and information may change with the information displayed on your screen.
  4. In the properties dialog box, select the Group Policy tab, and then click New to create a new group policy object in the domain root. Enter " Domain Policy " for the name of the new policy and then click Close .

    Note : Microsoft recommends that you create a new Group Policy object instead of editing the so-called Default Domain Policy because it is easier to recover important issues with security settings. . If new security settings cause problems, you can temporarily disable the new Group Policy object until you isolate those settings.
  5. Right-click on the domain root, then click Properties .
  6. In the properties dialog box, click the Group Policy tab, and then select Domain Policy .
  7. Click Up to move the new GPO to the top of the list, then click Edit to open the Group Policy Object Editor for the GPO you created.
  8. Under Computer Configuration , navigate to the Windows SettingsSecurity SettingsAccount PoliciesPassword Policy folder

    Step by step implementation of password policy settings Picture 2
  9. In the details pane, double-click Enforce password history , select Define this policy setting , set the value of Keep password history to 24 and then click OK .

    Step by step implementation of password policy settings Picture 3
  10. In the details window, double-click Maximum password age , select Define this policy setting and set the value of Password will expire in 42 , click OK then click OK to close the Suggested Value Changes window that appears.

    Step by step implementation of password policy settings Picture 4
  11. In the details window, double-click Minimum Password Age , select Define this policy setting and set the value of Password to be changed after is 2 and then click OK .

    Step by step implementation of password policy settings Picture 5
  12. In the details window, click Double Minimum Password Length , select Define this policy setting and set the value of the Password to be at least 8 and then click OK .

    Step by step implementation of password policy settings Picture 6
  13. In the details window, double-click Password must meet complexity requirements , select Define this policy setting in the template , select Enabled then click OK .

    Step by step implementation of password policy settings Picture 7
  14. Close the Group Policy Object Editor , click OK to close the domain properties dialog box, and then exit Active Directory Users and Computers .

Check for new settings

Use the procedure below to check if the appropriate password policy settings have been accepted and valid in the GPO Domain Policy. Check their settings and operations to make sure that the correct password policies are applied to domain users.

Request

Requirements : You must be logged in as a member of the Domain Admins group

Tools : Active Directory Users and Computers.

• To check password policy settings for an Active Directory domain

  1. Open Active Directory Users and Computers , right-click your domain, then click Properties .
  2. In the properties dialog box, click the Group Policy tab, select the Domain Policy GPO, and then click Edit to open the Group Policy Object Editor .
  3. Under Computer Configuration , go to the Windows SettingsSecurity SettingsAccount PoliciesPassword Policy folder and check if your settings are correct with the settings shown here:

    Step by step implementation of password policy settings Picture 8
  4. Close the Group Policy Object Editor , click OK to close the properties dialog for your domain, then exit Active Directory Users and Computers .
  5. Checking to ensure that users cannot specify passwords shorter than 8 characters, unable to create complex passwords and cannot immediately change their new passwords.

Configure password policy settings on stand-alone computers

Request

Requirements : You must be logged in as a member of the Administrators group.

Tool : Local Security Policy.

• To implement password policy on non-Active Directory computer systems, proceed as follows:

  1. Go to Start , click Control Panel , double-click Administrative Tools and then double-click Local Security Policy .
  2. Navigate to the Account PoliciesPassword Policy folder.
  3. In the details window, double-click Enforce password history , set the value of Keep password history to 24 , and then click OK .
  4. In the details window, double-click Maximum password age , set the value of Password will expire in to 24 , and then click OK .
  5. In the details window, double click on Minimum Password Age , set the value of Password can be changed after 2 , then click OK .
  6. In the details window, double click on Minimum Password Length , set the value of Password to be at least 8 , then click OK .
  7. In the details window, double-click the Password must meet complexity requirements , select Enabled, and then click OK .
  8. Close Local Security Policy .

Check for new settings

Request

Requirements : You must be logged in as a member of the Administrators group.

Tool : Local Security Policy.

• To check password policy settings for this computer system, follow these steps:

  1. Open Local Security Policy , navigate to the Account PoliciesPassword Policy folder and check if your settings are correct for the settings shown here:

    Step by step implementation of password policy settings Picture 9
  2. Close Local Security Policy .
  3. Check to ensure that users cannot specify passwords that are shorter than 8 characters, cannot create non-complex passwords, and cannot change their new passwords immediately.
5 ★ | 1 Vote

May be interested

  • Malware will not be detectedPhoto of Malware will not be detected
    a security researcher specializing in rootkits has successfully developed a prototype of a new technology that enables the creation of '100% invisible' malware, even for x64 systems like windows vista.
  • How to be safe on a wireless networkPhoto of How to be safe on a wireless network
    most people enjoy the benefits of wireless technology. wireless networks obviously bring many advantages to users, and they can be vulnerable if you don't have security.
  • Methods of protecting personal information with solid passwordsPhoto of Methods of protecting personal information with solid passwords
    password is the key that you use to access personal information that you have saved on your computer and in your online account. if thieves or other dangerous users steal this information, they can use t & ec
  • Security tool all in onePhoto of Security tool all in one
    the worm can spread through spam and spyware that can seed trojans, a series of new threats that will no longer be clearly differentiated. in response, security software incorporates many different tools to keep your pc safe.
  • Apache 2.0 with SSL / TLS protocol: Step by step instructionsPhoto of Apache 2.0 with SSL / TLS protocol: Step by step instructions
    for more than ten years, the ssl protocol has been widely used to ensure the safety of web transactions over the internet. you can imagine millions of dollars every day, billions of dollars of transactions on the network using ssl. however, the simple truth is us
  • Secure data in USB cardPhoto of Secure data in USB card
    we store everything from good music to important documents and there are also some documents that are your own secret, it's unfortunate that someone can read what you don't want the world to know that now he is