If you change the minimum password length or force it to include special characters, does that change only get enforced when the password comes up for renewal or will everyone who does not meet the new enforced parameters be forced to change their password immediately regardless of age?
Thanks . Steve ----- Original Message ----- From: "Scott Kaufman at HQ" < SKaufman @ ittesi .com> To: "NT System Admin Issues" < ntsysadmin @ lyris .sunbelt-software.com> Sent: Wednesday, March 4, 2009 12:09:52 PM GMT -05:00 US/Canada Eastern Subject: RE: Password Policy Change It's not 90 days from when you set the policy, it's 90 days from the last password change on the user account. If you change the policy to be 90 days, all user accounts that have the password last set date that is greater than 90 days will immediately get set to change password at next logon . Unless you can guarantee that all user account passwords were changed within 90 days, I'd start with a long time frame, like 200 days, and each month (or two weeks) keep reducing it down until you get to 90 days. Or be prepared for a lot of helpdesk calls & user complaining. Also check any service accounts, as those accounts will get the same thing & services will start failing. Lived through this a few times from "consultants" changing it because upper management said to change it based on a recommendation/report from another third party.... blah blah blah, but didn't take the time to look at the user accounts & determine how many would get affected by the change. It will be a great test of your customer service skills & resolve if you just implement the change :) Scott Kaufman Lead Network Analyst ITT ESI , Inc. -----Original Message----- From: John Hornbuckle [ mailto :john. hornbuckle @ taylor .k12.fl.us] Sent: Wednesday, March 04, 2009 11:03 AM To: NT System Admin Issues Subject: RE: Password Policy Change You mean, 90 days from the day you set the policy? -----Original Message----- From: Cameron Cooper [ mailto : Ccooper @ aurico .com] Sent: Wednesday, March 04, 2009 10:59 AM To: NT System Admin Issues Subject: RE: Password Policy Change If I remember correctly, when we implemented this (every 90 days) the passwords would change after the time frame was set to expire. _______________________________ Cameron Cooper IT Director - CompTIA A+ Certified Aurico Reports, Inc Phone: 847-890-4021 Fax: 847-255-1896 ccooper @ aurico .com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http :// www . sunbeltsoftware .com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http :// www . sunbeltsoftware .com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http :// www . sunbeltsoftware .com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
