Showing results for 
Search instead for 
Did you mean: 

Enforce strong password usage using group policy

There are a number of network worms which attempt to brute force into other systems using network shares for example Conficker, which uses this method as the secondary infection vector. Having strong passwords can stop this infection vector.

An ideal password is long and has letters, punctuation, symbols, and numbers

    * Whenever possible, use at least 14 characters or more.
    * The greater the variety of characters in your password, the better.
    * Use the entire keyboard, not just the letters and characters you use or see most often.

Create a strong password you can remember

There are many ways to create a long, complex password. Here is one way that may make remembering it easier:

Start with a sentence or two (about 10 words total). Think of something meaningful to you. Long and complex passwords are safest. I keep mine secret. (10 words)
Turn your sentences into a row of letters. Use the first letter of each word. lacpasikms (10 characters)
Add complexity. Make only the letters in the first half of the alphabet uppercase. lACpAsIKMs (10 characters)
Add length with numbers. Put two numbers that are meaningful to you between the two sentences. lACpAs56IKMs (12 characters)
Add length with punctuation. Put a punctuation mark at the beginning. ?lACpAs56IKMs (13 characters)
Add length with symbols. Put a symbol at the end. ?lACpAs56IKMs" (14 characters)

Now to enforce strong passwords for all the users on the local system, do the following:

1)  Goto Start->Run. Type in gpedit.msc and press enter.

2)  Expand to Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy

3)  One good example of the settings on right pane is:

     Enforce Password History: 10 Passwords Remembered

     Maximum Password Age: 120 Days

     Minimum Password Age: 1 Days

     Minimum Password Length: 14 Characters

     Passwords Must Meet Complexity Requirements: Enabled

This document was generated from the following thread:

Version history
Revision #:
1 of 1
Last update:
‎06-03-2010 03:09 AM
Updated by: