Local Account Passwords

Issue

Weak passwords are one of the main causes of security breaches. Examples of weak passwords are names of children or pets, or common words found in the dictionary, such as "happy."

Solution

Adopt a strong password policy. This is one of the most effective ways to ensure system security.

Follow these guidelines to implement a strong password policy:

Require passwords that contain a mix of upper and lower case letters, numerals and punctuation marks. Do not allow words that can be found in a dictionary. Programs are available that can run an entire dictionary against your passwords without you knowing it.
Set a minimum length for passwords of at least seven characters.
Do not allow blank passwords.
Require passwords to be changed frequently (every 45 days at a minimum) and Do not allow previous passwords to be reused.

Instructions

Changing individual passwords: Users can set or change their passwords by pressing CTRL+ALT+DEL, and then clicking Change Password.

Changing password policy settings: After you establish a password policy, you can set up your Windows operating system to incorporate such requirements as password length, age, complexity, and history.

To change password policy settings in Windows XP or Windows 2000

Click Start, point to Settings, and then click Control Panel.
Double-click Administrative Tools, and then double click on Local Security Policy.
Double-click the Account Policies folder, then select the Password Policy folder.
Double click the policy that you want to change and then specify the new policy setting.

To change password policy settings in Windows NT

Click Start, point to Programs, and then click Administrative Tools.
Click User Manager for Domains.
On the User menu, click Select Domain, and then type the local computer name.
On the Policies menu, click Account.
In Account Policy, change the password restrictions.

Additional Resources

Implementing Guidelines for Strong Passwords