Enforce strong passwords

Windows 2000 by default doesn’t require any specific password properties, which means a user can select a very simple password or even no password at all. In networks where security isn’t a big concern, this lack of strong password enforcement doesn’t pose a problem. Where security is a concern, however, enforcing strong passwords can help prevent brute-force attacks on user accounts.

You can configure Windows 2000 to require a minimum password complexity. By default this means the password must not contain the username and must contain characters from at least three of the following categories: English uppercase letters, English lowercase letters, Westernized Arabic numerals, and nonalphanumeric characters (!, @, #, and so on). With strong password enforcement turned on, Windows 2000 prevents users from specifying passwords that don’t meet these criteria.
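
The rule described above can be expressed as a small checker for auditing candidate passwords before the policy is turned on. This is an added example, not code from the book or from Windows; the function names, the case-insensitive username comparison, and the use of ASCII punctuation for the nonalphanumeric category are assumptions.

```python
import string

# The four categories named in the text. Treating "nonalphanumeric" as ASCII
# punctuation is an assumption; the text only gives "!, @, #, and so on".
CATEGORIES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "digit": string.digits,
    "nonalphanumeric": string.punctuation,
}
REQUIRED = 3  # "at least three of the following"


def categories_used(password):
    """Return the names of the categories that appear in the password."""
    return {name for name, chars in CATEGORIES.items()
            if any(c in chars for c in password)}


def check_password(password, username):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    # Assumption: the username comparison ignores case.
    if username and username.lower() in password.lower():
        problems.append("contains the username")
    used = categories_used(password)
    if len(used) < REQUIRED:
        missing = ", ".join(sorted(set(CATEGORIES) - used))
        problems.append(f"uses {len(used)} of 4 categories (unused: {missing})")
    return problems


if __name__ == "__main__":
    # Constructed sample accounts and candidate passwords.
    samples = [
        ("jsmith", ""),
        ("jsmith", "password"),
        ("jsmith", "JSmith#2000"),
        ("jsmith", "Winter2000"),
        ("jsmith", "k7!Raven-dusk"),
    ]
    for user, pw in samples:
        result = check_password(pw, user)
        print(f"{user!r} {pw!r}: {'OK' if not result else '; '.join(result)}")
```

A guessable password such as `Winter2000` satisfies the rule as stated, so passing this check says nothing about resistance to dictionary guessing.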

Configure a password policy

You configure Windows 2000 to enforce strong passwords through the security policy settings. You can define these settings through the local security policy or the domain security policy. If both are defined, the domain security policy takes precedence.

Tip

Consider implementing password aging and history along with strong passwords for optimum security.

Use the following steps to enforce strong passwords through the local security policy:

  1. Open the Local Security Policy console from the Administrative Tools folder.

  2. Open the Account Policies\Password Policy branch.

  3. Double-click the policy “Passwords must ...
