what happens to service account passwords if you change complexity?

  • Thread starter Thread starter Ziek
  • Start date Start date
Z

Ziek

If I enable "complex" passwords on my domain, will that affect my service
account passwords which already have the "password never expires" option?
We currently do not enforce complex passwords, but if we do decide to, we
are wondering if our service account passwords will then suddenly fail?
 
It will only mandate that all future passwords must be complex - changes, resets, new
accounts. Those all ready in use will be fine but when changed, if ever, will need to
be complex. --- Steve
 
Hello Ziek,
You may want to be aware that enabling complex passwords on users who never
had complex passwords may present a problem. Enabling this policy means
that the password filter setting will not allow simple passwords. My
reason for this statement is, if a user is now forced to change his
password to a complex password the policy will give an error when they
enter the new and old password stating that the password does not meet
complexity requirements. The error will be in reference to the old
password. You have to SET complex passwords for your users before you can
enable the complex password policy.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Curtis Clay III [MSFT] wrote / skrev:
Hello Ziek,
You may want to be aware that enabling complex passwords on users who never
had complex passwords may present a problem. Enabling this policy means
that the password filter setting will not allow simple passwords. My
reason for this statement is, if a user is now forced to change his
password to a complex password the policy will give an error when they
enter the new and old password stating that the password does not meet
complexity requirements. The error will be in reference to the old
password. You have to SET complex passwords for your users before you can
enable the complex password policy.
Click to expand...

A non-technical thing to consider if implementing this sort of thing is
also information to the users about how to easily construct passwords
such as for example "the moon is a yellow cheese"-method and the
specific requirements of the complexity. It might also be a good idea to
explain _why_ it is important with passwords that are not easily
cracked. Apologies if this was selfevident, I know this was not the
question, but often the "human engineering" part gets forgotten.

- Veronica Loell
 
Back
Top