Top Password Policies and Best Practices for System Administrators | The Devolutions Blog

This policy determines how long users must keep a password before they are able to change it. The Minimum Password Age prevents a user from circumventing the password system by setting a new password and then changing it back to their old one. To prevent this, the minimum age can be set from three to seven days, so that users are less likely to switch back to an old password but are still able to change it in a reasonable amount of time. As a system administrator, you need to bear in mind that this policy can also prevent a user from immediately changing a compromised password, so if the user can't change it, it could be up to you to make the change.

I'll start by saying that this policy should only be enabled on a per-user basis, and then only to meet the user's actual needs. As you all know, passwords in the password database are all encrypted, and this encryption can't normally be reversed. If your company uses an application that needs to read a password, that is the only time you would want to enable this setting. Keep in mind that after enabling the Store Password Using Reversible Encryption for All Users policy, it is as if your passwords were stored as plain text, and it carries the same security risk. Always be cautious when enabling that policy.
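The two checks described above (minimum password age and reversible encryption) can be audited offline; the following is an added example, not code from the original post or from Devolutions. It assumes the policy was exported with `secedit /export`, where these settings appear under `[System Access]` as `MinimumPasswordAge` and `ClearTextPassword`, and that per-user reversible encryption is read from the `userAccountControl` bit 0x0080; the sample export and account list are constructed.

```python
import configparser

# Constructed sample of a `secedit /export /cfg policy.inf` file (not real data).
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
ClearTextPassword = 1
[Version]
signature="$CHICAGO$"
Revision=1
"""

# userAccountControl bit ENCRYPTED_TEXT_PWD_ALLOWED: the account stores its
# password with reversible encryption.
UAC_REVERSIBLE = 0x0080

# Constructed (account, userAccountControl) pairs, e.g. from a directory export.
SAMPLE_USERS = [("alice", 0x0200), ("svc-legacy", 0x0280), ("bob", 0x10200)]


def audit_policy(inf_text, min_age_range=(3, 7)):
    """Return findings for the two settings the article discusses."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.optionxform = str  # keep key case exactly as exported
    parser.read_string(inf_text)
    access = parser["System Access"] if parser.has_section("System Access") else {}
    findings = []

    age = access.get("MinimumPasswordAge")
    if age is None:
        findings.append("MinimumPasswordAge: not defined in export")
    elif not min_age_range[0] <= int(age) <= min_age_range[1]:
        lo, hi = min_age_range  # three to seven days, per the article
        findings.append(f"MinimumPasswordAge: {age} days, outside {lo}-{hi}")

    if access.get("ClearTextPassword", "0").strip() == "1":
        findings.append("ClearTextPassword: reversible encryption enabled for all users")
    return findings


def reversible_accounts(users):
    """Return accounts whose userAccountControl has the reversible-encryption bit set."""
    return [name for name, uac in users if uac & UAC_REVERSIBLE]


if __name__ == "__main__":
    print(audit_policy(SAMPLE_INF), reversible_accounts(SAMPLE_USERS))
```

Any account returned by `reversible_accounts` should map to a documented application need, since the article limits this setting to per-user use.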
