10. Password Policies
• Set a password expiration
period making users reset
passwords every 45 days.
• Set minimum password
length of 7 characters.
• Set password recollection to
not allow users to use a
previously used password.
11. Password Policies cont.
Set password complexity requirements to
force users to create a password to include
at least one of each of the following:
Uppercase letter
Lowercase letter
Number
Special character
12. Account
Lockout Policies
Do not give users the
ability to enter a
password over and
over again. Set up an
Account Lockout
Policy to only allow a
user up to 3 attempts
before the account is
locked and password
must be reset.