Password Policy Settings Explained | Tony Bradley

Password Policy Settings Explained

by Tony Bradley • July 31, 2009 • Configuring Vista Security

Windows Vista enables you to control many of the features and functions by configuring Local Security Policy settings. There are six components that make up the Password Policy under Vista Local Security Policy. Click the links below for more details about what each of these six policy settings means and how you should configure them to manage passwords on your Windows Vista system.

Enforce Password History

This settings defines the minimum number of passwords that must be created before a previous password is allowed to be re-used.

Maximum Password Age

Maximum Password Age is the password expiration date, or the maximum number of days allowed before a new password must be created.

Minimum Password Age

This setting is used to define the minimum number of days that a password must be used before a new password can be created.

Minimum Password Length

The Minimum Password Length setting defines the minimum number of characters allowed in order for a password to be valid.

Password Must Meet Complexity Requirements

Enabling this setting forces users to create stronger, more complex passwords.

Store Passwords Using Reversible Encryption

This setting should only be enabled in extreme circumstances. It basically forces passwords to be stored in plain text for cases where an application or process needs access to them for authentication purposes.

Tags: Age, authentication purposes, extreme circumstances, Local, local security, maximum, maximum password age, Minimum, number, Password, password expiration, password length, password must meet complexity requirements, Policy, policy settings, security, security policy, store passwords, valid password, Vista, vista system, windows

About Tony Bradley

Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

http://www.tonybradley.com
My Sites
Testimonials
"Tony manages to take complex confusing technology issues and convey them in a way that average persons can understand and apply. Tony is knowledgeable and experienced and I consider it a privilege to work with him as a network security professional or as a writer.”
Peter Luiks
Edrac Group
Twitter
- Facebook marketing may not be worth it for GM's $10 million, but that doesn't mean that Facebook ads don't work. It… https://t.co/4ilENa2T about 23 hours ago from ManageFlitter Reply Retweet Favorite
- Why Facebook Marketing Doesn't Work for GM. http://t.co/WN0RBkxa 03:04:01 PM May 16, 2012 from TweetDeck Reply Retweet Favorite
- New and Improved SkyDrive Is a Threat to Dropbox. http://t.co/7pblpuQ7 01:58:01 PM May 16, 2012 from web Reply Retweet Favorite
@thetonybradley
Facebook

Tony Bradley on Facebook