Tuesday, January 4, 2011

How to Enable or Disable Windows 7 Password History Enforcement




Information
Password history determines the number of unique new passwords that have to be associated with and used by a user before an old password can be reused again. This enables administrators to enhance security by ensuring that old passwords are not reused continually.

By default, there is 24 remembered on domains, and 0 remembered on stand-alone computers. This will show you how to enable or disable enforcing password history, and set how many passwords will be remembered before users can reuse a password.

These procedures can also be applied on Windows Vista and Windows XP.




Tip
To maintain the effectiveness of the password history, do not allow passwords to be changed immediately after they were just changed by also enabling the minimum password age and setting it to be more than 0 days.

Warning
You can only do this while logged in as an administrator.
 
EXAMPLE:
Password History Message

NOTE:
This is a message a user will get when they try to change their password to a reused older password instead of a new unique password before the number of remember passwords has been reached.



OPTION ONE
Through Local Security Policy Manager

NOTE:
This option is only available for the Windows 7 Professional, Ultimate, and Enterprise editions.

1. Open the Local Security Policy editor.

2. In the left pane, expand Account Policies, and click on Password Policy. (see screenshot below)



3. In the right pane, double click on Enforce password history. (see screenshot above)

4. To Disable Password History for All Users -

A) Enter 0, and click on OK. (see screenshot below)



B) Go to step 6.

5. To Enforce Password History for All Users -

A) Enter how many passwords between 0 and 24 that you want remembered before users can reuse a password, then click on OK. (see screenshot above)

6. Close the Local Security Policy editor.

OPTION TWO

NOTE:
This option is available for all Windows 7 editions.


2. To See the Current "Password History" Setting -

A) In the elevated command prompt, type net accounts and press Enter. (see screenshot below)



3. To Disable Password History for All Users -

A) In the elevated command prompt, type the command below and press Enter. (see screenshot below)


Code:
net accounts /uniquepw:0



B) Go to step 5.

4. To Enable or Change the Password History for All Users -

A) In the elevated command prompt, type the command below and press Enter. (see screenshot below)

NOTE:
Substitute (1-24) for how many passwords you want remembered before users can reuse a password.

Code:
net accounts /uniquepw:(1-24)

FOR EXAMPLE: 
I would type in this command exactly for 5 remembered passwords, and press enter.

Code:
net accounts /uniquepw:5




These procedures can also be applied on Windows Vista and Windows XP.


<a href="http://www.linkedtube.com/xNHifhoiedY23e9d86d07f41d4f1622115a5c86526b.htm">LinkedTube</a>

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Twitter Delicious Facebook Digg Stumbleupon Favorites More