+4 votes
53 views
in Security by (76.3k points)
reopened
Change password policy Windows Server 2022

1 Answer

+5 votes
by (506k points)
 
Best answer

Windows Server 2022 provides us with a way to fully manage domain objects and it is thanks to group policies that allow defining the parameters of different functions within the team. By default, when a new domain is configured in Windows Server, it implements two group policy objects which are:

  • The default domain policies.
  • The default domain controller policies.
In this case, the domain policy will be bound only at the domain level but the domain controller policy will be bound to the OU created on the Windows Server 2022 server domain controllers . One of these policies is the password policy which will help us improve the way domain users can access the system and configure their parameters.

 

 

Password policies include some such as:

 

Enforce password history
This prevents the user from using the same password twice in a period of time, the default value is 24, so you can only use this password after it has been changed 24 times.

Minimum validity of the password
This allows you to define the minimum time of the password so that the user does not change it frequently.

Maximum validity of the password
When configuring it, we can set a time for the password to automatically expire, its default value is 42.

Minimum password length
It allows defining the minimum length of the password, the default value is 7 characters.

Store passwords with reversible encryption
It is a delicate policy where the password is stored in plain text allowing access by other users.

The key must meet the complexity requirements
It is a primary policy since it allows creating secure passwords, it does not allow the password to be the username or part of the full username, it must be at least 6 characters long, contain at least one character, either uppercase (A a Z), lowercase (a - z) or a numeric digit (0 to 9) and non-alphabetic characters such as $% #).

 

 

To stay up to date, remember to subscribe to our YouTube channel!   SUBSCRIBE

 

 

How to change password policies in Windows Server 2022

 

Step 1

It is possible that due to some user configurations it is necessary to edit these policies, for this we open the Server Manager and go to "Tools - Group Policy Management":

 

image

 

Step 2

In the displayed window we right click on "Default Domain Policy" and select "Edit":

 

image

 

Step 3

This will open a new window, there we go to the path "Computer Configuration - Policies - Windows Settings - Security Settings":

 

image

 

Step 4

We double click on "Account Policies" and then we open "Password Policy"

 

image

 

Step 5

When opening it we can edit the different policies available as the case may be:

 

image

 

Step 6

It is possible to edit the policy "Maximum validity of the password" and define the new range:

 

image

 

Step 7

Then we can edit the policy "Minimum password length" and define the minimum number of characters:

 

image

 

Step 8

In the same way, we can edit the policy "Require password history" and there define how many times the history will be hosted:

 

image

 

Thus it is possible to edit each of the available policies based on the security configuration required in the domain..

 

Step 9

After this we are going to access the command prompt and there we update the policies, for this execute "gpupdate":

 

image

 

This is the process to change password policies in Windows Server 2022.

 


...