To Determine the Password Policies For Windows 7

This article shows how to determine the password policies of security for Windows 7.

First you must be logged on as an administrator. If your computer is on a domain then only your network administrator can change the password policy settings.

Now click "Start", click "Run", enter "secpol.msc" in the Run dialog box, and then click "OK". In the Local Security Settings application, expand "Security Settings", expand "Account Policies" and then click "Password Policy".

PassPolicies1.jpg

PassPolicies2.jpg

Or,

Click "Start", click "Control Panel", click "Administrative Tools", and then double-click "Local Security Policy", expand "Security Settings", expand "Account Policies", and then click "Password Policy".

PassPolicies3.jpg

PassPolicies4.jpg

Enforce password history

It defines the number of unique new passwords that need to be related with a user account before an old password can be reused. The value must be between 0 and 24 passwords. This policy enables administrators to enhance security by ensuring that old passwords are not reused continually.

Maximum password age

It defines the period of time (in days) that a password can be used before the system requires the user to change it. You can set passwords to expire after a number of days between 1 and 999, or you can identify that passwords never expire by setting the number of days to 0. If the maximum password age is between 1 and 999 days then the minimum password age must be less than the maximum password age. If the maximum password age is set to 0 then the minimum password age can be any value between 0 and 998 days.

Minimum password age

It defines the period of time (in days) that a password must be used before the user can modify it. You can set a value between 1 and 998 days, or you can allow changes directly by setting the number of days to 0. The minimum password age must be less than the maximum password age, unless the maximum password age is set to 0, representing that passwords will never expire. If the maximum password age is set to 0 then the minimum password age can be set to any value between 0 and 998.

Minimum password length

It defines the least number of characters that a password for a user account may be. You can set a value of between 1 and 14 characters, or you can establish that no password is required by setting the number of characters to 0.
The password must meet complexity requirements.

It does define whether passwords must meet complexity requirements. If this policy is enabled then passwords must meet the following minimum requirements:

  • Not contain the user's account name or parts of the user's full name that top two following characters
  • Be at least six characters in length
  • Contain characters from three of the following four categories:

English uppercase characters (A through Z)

English lowercase characters (a through z)

Base 10 digits (0 through 9)

Non-alphabetic characters, for example (! $, #, %)

Complexity requirements are enforced when passwords are changed or created.

Store password using reversible encryption

It defines whether the operating system stores passwords using changeable encryption. This policy provides support for applications that use protocols that require knowledge of the user's password for authentication purposes. Storing passwords using reversible encryption is essentially the same as storing plaintext versions of the passwords. For this reason, this policy should never be enabled unless application requirements outweigh the need to protect password information.

We can determine the password policies by Command Prompt.

Click "Start", click "Run", enter "cmd" in the Run dialog box, and then click "OK".

Type "net accounts" in the Command Prompt.

PassPolicies5.jpg

 

Up Next
    Ebook Download
    View all
    Learn
    View all