Windows Server 2022 provides us with a way to fully manage domain objects and it is thanks to group policies that allow defining the parameters of different functions within the team. By default, when a new domain is configured in Windows Server, it implements two group policy objects which are:
- The default domain policies.
- The default domain controller policies.
In this case, the domain policy will be bound only at the domain level but the domain controller policy will be bound to the OU created on the Windows Server 2022 server domain controllers . One of these policies is the password policy which will help us improve the way domain users can access the system and configure their parameters.
Password policies include some such as:
Enforce password history
This prevents the user from using the same password twice in a period of time, the default value is 24, so you can only use this password after it has been changed 24 times.
Minimum validity of the password
This allows you to define the minimum time of the password so that the user does not change it frequently.
Maximum validity of the password
When configuring it, we can set a time for the password to automatically expire, its default value is 42.
Minimum password length
It allows defining the minimum length of the password, the default value is 7 characters.
Store passwords with reversible encryption
It is a delicate policy where the password is stored in plain text allowing access by other users.
The key must meet the complexity requirements
It is a primary policy since it allows creating secure passwords, it does not allow the password to be the username or part of the full username, it must be at least 6 characters long, contain at least one character, either uppercase (A a Z), lowercase (a - z) or a numeric digit (0 to 9) and non-alphabetic characters such as $% #).
To stay up to date, remember to subscribe to our YouTube channel! SUBSCRIBE
How to change password policies in Windows Server 2022
It is possible that due to some user configurations it is necessary to edit these policies, for this we open the Server Manager and go to "Tools - Group Policy Management":
In the displayed window we right click on "Default Domain Policy" and select "Edit":
This will open a new window, there we go to the path "Computer Configuration - Policies - Windows Settings - Security Settings":
We double click on "Account Policies" and then we open "Password Policy"
When opening it we can edit the different policies available as the case may be:
It is possible to edit the policy "Maximum validity of the password" and define the new range:
Then we can edit the policy "Minimum password length" and define the minimum number of characters:
In the same way, we can edit the policy "Require password history" and there define how many times the history will be hosted:
Thus it is possible to edit each of the available policies based on the security configuration required in the domain..
After this we are going to access the command prompt and there we update the policies, for this execute "gpupdate":
This is the process to change password policies in Windows Server 2022.