Password change

Andrea Vironda 811 Reputation points
2021-05-07T05:43:11.71+00:00

Hi,
in my Microsoft Windows Server 2019 Server Standard 64-bit v1809 (Build 17763) I created several users and now i'm requested to change the password. I have several questions:

  • we're only few people, is it necessary to change them? what's the best practice
  • How long does a password lasts? it seems now it's 1 months, but it's too few.
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
8,176 questions
{count} votes

Accepted answer
  1. Daisy Zhou 12,916 Reputation points Microsoft Employee
    2021-05-07T06:43:41.84+00:00

    Hello @Andrea Vironda ,

    Thank you for posting here.

    Here are the answers for your references.

    • we're only few people, is it necessary to change them? what's the best practice
      A1: If these passwords meet best practice or are strong passwords (which have at least eight characters and include a combination of letters, numbers, and symbols), we can keep them.

    Here is best practice for password policy.

    Enforce password history: Set Enforce password history to 24.

    Maximum password age: Set Maximum password age to a value between 30 and 90 days, depending on your environment.

    Minimum password age: Windows security baselines recommend setting Minimum password age to one day.

    Minimum password length: Set Minimum password length to at least a value of 8.

    Password must meet complexity requirements: Set Passwords must meet complexity requirements to Enabled.

    Store passwords using reversible encryption: Set the value for Store password using reversible encryption to Disabled.

    • How long does a password last? it seems now it's 1 months, but it's too few.
      A2: See A1, or I suggest we can set it 3 monthes-6 monthes (maybe one year depending on your environment).

    Reference
    Password Policy
    https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-policy

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.


0 additional answers

Sort by: Most helpful