Password Policies

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I just seen something here that i cant quite relate to the real world and hoping someone can help out..

Im talking about password policies in GPO

Enforce Password History - lets say this has a value of 6, that means the password the user has now cant be entered again until they enter 6 new passwords over a certain timeframe right?

Max Password Age - Lets say we have 25 here... so every 25 days the users must change their password.

now this is the one i cant make sense of:

Min Password Age - users must wait a certain number of days to change the password again? could some relate this to the real world please?

how does the max and min password age related or can you have either the one or the other?

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

say you have a password history of 6, then people could just change their password (ctrl-alt-del) 6 times in a row, and get their old password back. to prevent that, there is the minimum password age. maximum password age speaks for itself.

 

i forgot about the ctrl-alt-del... so you can have max and min or you MUST have a max and min - best practice?

 

depends on the complexity of your network, and how savvy your users are. i usually go for a tight policy just to be on the safe side. the impact of password policies on the users is usually minimal, because most settings don't affect them anyway. maximum password age and strong password requirement are the ones they usually have to deal with.

 

thanks! you cleared it up! back to the books!