• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Registry hack for complex PWs and 180 day PW expire?

N

nubietx

Member
The registry hack as it is written at http://support.microsoft.com/kb/555540 does not seem to do squat for requiring 8 character complex passwords and OR 180 password expiration. I entered it as written (see below), but it still allows just about whatever the local security policy is set for. Any idea why?

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Network]
"MinPwdLen"=hex:80
"AlphanumPwds"=dword:00000001
"MaxPasswordAge"=hex:18,00
"PasswordExpiryWarning"=dword:00000000



Microsoft doc
http://support.microsoft.com/kb/555540
Setup strong password policy in Windows XP


Sorry, I guess I should have posted this at http://forums.anandtech.com/ca...tid=34&flcache=3888255
 
Well, the (probably almost 2 to 3 thousand) desktops I am trying to implement this on are quite widely distributed geographically (as in state wide), and there is NO AD/GPO implementation. These users generally all have admin access (but otherwise, are quite basic in their windows familiarity) and predominately my organization is responsible for providing only e-mail services for.

My best strategy at a deployment is send the registry hack around via e-mail and have each user accept and apply it themselves. I wish I could find an easier deployment method but alas.

 
Wow, I'd hate to have your job! :Q

Another possibility, not as simple (and you probably already considered it): export a Local Security Policy that's set up as you like it, then have them run secpol.msc and import it.
 
Well, to be accurate, I am not trying to 'fix' all of these right now. We have some customers (on-campus ) at one of the larger Univs, who have complete autonomy over their IT resources and those are the ones I really need to implement THIS solution for ASAP (per the auditors).

I created a local template based on the cisecurity.org XP-SP2 benchmark that I had tightened up some. Getting it deployed also has been slowgoing (even for those local customers).


I told one vendor that I dont wake up screaming in the middle of the night anymore,, but I dont sleep that much either.
;-)
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top