RE: Minimum password length GPO

[David Mazzaccaro]

That's how I read it.
 

________________________________

From: Jeff Steward [mailto:jstew...@gmail.com] 
Sent: Thursday, August 26, 2010 11:40 AM
To: NT System Admin Issues
Subject: Re: Minimum password length GPO


True, but short of running password audit tools it is the only way to
guarantee that all users meet the new complexity requirement. 

-Jeff


On Thu, Aug 26, 2010 at 11:28 AM, Ken Schaefer <k...@adopenstatic.com>
wrote:


        That's not quite the same as what Ben's asking for. It will
force everyone to change their password, regardless of whether their
current password meets the new requirement or not.

         

        Cheers

        Ken

         

        From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
        Sent: Thursday, 26 August 2010 10:42 PM


        To: NT System Admin Issues
        Subject: RE: Minimum password length GPO

        

         

        Ah.. great idea!

        thx!

         

         

        
________________________________


        From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
        Sent: Thursday, August 26, 2010 10:37 AM
        To: NT System Admin Issues
        Subject: RE: Minimum password length GPO

        You can also just mass select the accounts in ADUC, right click
properties and hit the checkbox for must change password at next login.
That is how I did our migration to more complex passwords. That let me
do it a department at a time and control the help desk load.

         

        From: Andrew S. Baker [mailto:asbz...@gmail.com] 
        Sent: Thursday, August 26, 2010 10:35 AM
        To: NT System Admin Issues
        Subject: Re: Minimum password length GPO

         

        Change the password age. :)

         

        That'll take impact rather quickly.

        
        
        ASB (My XeeSM Profile) <http://XeeSM.com/AndrewBaker>  
        Exploiting Technology for Business Advantage...
         

        Signature powered by
<http://www.wisestamp.com/email-install?utm_source=extension&utm_medium=
email&utm_campaign=footer> WiseStamp
<http://www.wisestamp.com/email-install?utm_source=extension&utm_medium=
email&utm_campaign=footer>  

        

         

        On Thu, Aug 26, 2010 at 9:48 AM, Ben Scott
<mailvor...@gmail.com> wrote:

        On Thu, Aug 26, 2010 at 9:42 AM, David Mazzaccaro
        <david.mazzacc...@hudsonhhc.com> wrote:
        > If a default domain policy GPO states "min password length is
7" and I
        > change it to "min password length 8"... what will happen to
those users who
        > are currently using 7 characters?

         Password policy is enforced when a password is changed, not at
        logon.  So existing passwords which do not meet password policy
will
        continue to work.
        
         It would be nice to have an option to re-check passwords at
logon
        and force a change if non-complaint with current policy, but
that
        doesn't exist, AFAIK.

         

        
        .

         

         

         

        

         

        


 

 


.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~