Home > Resource > Password Management and Protection Tips > Skillfully Use Local Strategy to Guard Windows Password Security

Skillfully Use Local Strategy to Guard Your Windows Password Security

We can say that there isn’t a computer doesn’t existing hidden dangers which may be responsible for important information leak. We as its users have obligation and responsibility to protect its security.

Speak of security, many people grant that it is something to do with computer experts. In fact it is not that way. In order to raise the security of system to meet users’ requirements, Microsoft has provided a local security strategy configuration window. We can guard Windows password security better only skillfully use local strategies related with security settings just like the contents introduced below.

Note: Click Start to enter Control Panel, open "Management Tool" item and double click "Local Security Policy" to open "Local Security Settings" window. On the window, choose "Password Policy" under the directory of "Accounts Policy". Then you will see six options. Let’s see.

First of all, Password Must Meet Complexity Requirements

One of the most basic tricks of hackers is to acquire login password, thus we can start from protecting our password against. It is quite dangerous practice for users to combine numbers and letters simply as their password, let alone not setting a password at all. Here a small trick can strength your password by double clicking the item "Password must meet complexity requirements" to enable it.

Secondly, Minimum Password Length

Too short a password can be easily cracked by brute force, that’s why we have to set a password as long as possible. Here, we only need to double click the item "Minimum Password Length" and set the minimum as 6, thus a password less than 6 characters won’t work.

Thirdly, Maximum/Minimum Password Age

Theoretically, no matter how complex a password is, it can be cracked by brute force as long as there is enough time. Thus we must recognize that it is unsafe for us to use a password in the long run. Hereto, we can set a maximum password age by double clicking the item "Maximum Password Age" to set a time period such as a month. And the system will remind users to change a password automatically 30 days later.

Correspondingly, there is an item "Minimum Password Age". If you set a minimum password age, for example 10 days, and that means you cannot change the current password until you having using the password for 10 days. The purpose of doing this is to avoid hackers to change account password directly.

Fourthly, Enforce Password History

If you have set a maximum password age, you will be asked to reset a password at the pointed time. For some lazy users, they tend to use two or three commonly used password alternately, which is not safe neither for system security. To tackle this, we only need to double click "Enforce Password History" item to set its remembered password history to a larger scale to avoid users using a same password repeatedly in a short time.

After you have made the above settings one by one, users have to set a password confirm to the configured policies next time whenever they set a password. If it doesn’t, the system will pop up an error window to remind you that the typed password doesn’t meet password policy requirements. By doing these, users are forced to set a password long and complex enough to reduce the possibility to be cracked and provide security guard to our system.