If the account was created more than 60 days ago, setting this policy will force a password change at next logon.
If the account was created less than 60 days ago, setting this policy will force a password change when the account reaches 60 days. FWIW, I don't like a 60 day period. If I had my druthers, I'd enforce a very long password (greater than 16 characters) and force the password change at 180 or 365 days. This is spite of rainbow tables and pass-the-hash attacks. Kurt On Wed, Mar 4, 2009 at 07:51, John Hornbuckle <[email protected]> wrote: > Right now, our users' passwords don't expire. We're looking at changing that. > > My question is this... If I decide to enable password expiration, how is the > expiration date calculated for my users? > > Let's say that today I set passwords to expire every 60 days. Will all > current users' passwords expire 60 days from today? Or will all current > users' passwords expire today, if those passwords are 60 days or older? > > > > John Hornbuckle > MIS Department > Taylor County School District > 318 North Clark Street > Perry, FL 32347 > > www.taylor.k12.fl.us > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
