Configure user authentication settings. How to enable a password change reminder in Windows. Password requirements

It is probably no secret that novice personal computer users rely on the same password for most of their online accounts. This is one of the biggest mistakes, since attackers can compromise that password and then take advantage of it. Users should therefore always set (or at least try to set) different passwords for their accounts, Internet services, and so on. In addition, one theory, confirmed in practice more than once, holds that a password needs to be changed periodically. Periodically changing passwords lets you better protect your computer and the confidential information on it, and it complicates the work of attackers, since any old information they may have found will no longer be relevant.

Periodically changing passwords

Today, not all services, programs or sites require periodic password changes. For the most part, this is typical of various Internet wallets (for example, Qiwi or Yandex.Money). It is unlikely that any user of such resources, and therefore of electronic money, would want third parties to use their funds. For this reason, many owners of such wallets simply agree to change their passwords regularly. In the system settings, the user can choose how often a password change is requested: for example, after a month, three months, half a year or a year, or the request can be turned off altogether.

It is worth noting another important nuance: attackers mainly use brute force (one of the hacking methods), and if the user has not changed the password on some account for a long time, then this can be done very quickly and easily.

How to create a password and how often should it be changed?

If the user is still worried that his password may be compromised, then it is best to change it once every two weeks (the best option). Of course, the password should not consist only of your last name, first name, date of birth, or anything else that many people might know. The password must be complex, containing both numbers and letters, and at the same time, its length must be at least 10 characters. Such a password can be changed less frequently, for example, once every month or two, but even in this case, the likelihood of hacking or guessing the password will remain. It is worth noting that it is also advisable to delete all cookies, history and logs in the browser settings. This will also increase the security of the user’s personal computer.

Welcome to my blog!
For security purposes, in some enterprises each user has their own password to log into the system, and this password must be changed to a new one after a certain time. As a rule, it must not repeat any of the last five passwords. When I worked at one of these companies, I also had a password to log in to certain programs.

But you can also set a password on a personal computer rather than a corporate one, if you want to prevent strangers from entering your system without your knowledge. And if you want the protection of your computer to be reliable, the password needs to be replaced with a new one periodically. This will make it more difficult for attackers to guess it.
In this article, I want to give advice on how to enable a password change reminder in Windows so that you don't forget to change it in time.

First you need to turn off the unlimited (non-expiring) password in your account settings. To do this, open the “Computer Management” window. This can be done using the menu.

Password management

Configuring Password Settings

Configuring password settings that are common to all computer users is done in the general settings management window. In the dialogs of this window, you can specify the minimum number of characters in the password, the frequency of changing user passwords, and also define the requirements for the uniqueness of user passwords.

1. Display the window for managing general Secret Net parameters.

2. Define the minimum length of the user password in the “Minimum number of characters in password” field. This parameter can take values from 0 to 16 (“0” means that the use of empty passwords, i.e. passwords of zero length, is allowed).

Note. A user cannot be assigned a password that has fewer characters than the number specified in this field. When a user logs in, the length of the password they specify is compared with this value. If the length of the specified password is less than the specified minimum length, the user is prompted to change the password.

3. Define in the “Password change frequency (in days)” field the period of time during which the current user password is valid. This parameter accepts values from 0 to 365 days (“0” means the password does not expire).

4. Activate the “Advanced” dialog.

5. Define in the “Number of passwords remembered by the system” field the number of old passwords for each user about which the system will store information. This parameter can take values from 0 to 24 (“0” means that when changing the password, the user can specify any password, including the current one, as the new one).

6. Click the “OK” button.

Password rules

When defining a password, the following rules must be observed:

1. The password can only contain Latin characters, numbers and service characters (characters of the Latin keyboard layout). It is prohibited to use Cyrillic characters, as well as the space symbol.

2. It is allowed to use different keyboard registers (for example, “Dog” or “dog”). It should be remembered that uppercase and lowercase letters are perceived as different (“Dog” and “dog” are considered different passwords).

3. The password length cannot be less than the established minimum length and cannot exceed 16 characters.

4. The new password must not match the old user passwords, information about which is stored by the security system.
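The four rules above can be expressed as a single check. The following is an added example, not code from Secret Net or from the original page: it assumes that “characters of the Latin keyboard layout” means printable ASCII without the space, and that remembered passwords are kept as salted PBKDF2 digests rather than in plain text; the names `PasswordHistory` and `validate` are hypothetical.

```python
import hashlib
import hmac
import os

MAX_LEN = 16  # upper bound from rule 3
# Assumption: "Latin keyboard layout" = printable ASCII except the space (rule 1).
ALLOWED = {chr(c) for c in range(0x21, 0x7F)}


def _digest(password, salt):
    # Slow salted hash, so the stored history never contains plain text.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


class PasswordHistory:
    """Keeps digests of the last `remembered` passwords (0..24; 0 = keep none)."""

    def __init__(self, remembered):
        self.remembered = remembered
        self.entries = []  # list of (salt, digest), newest last

    def contains(self, password):
        # Exact, case-sensitive comparison (rule 2), done in constant time.
        return any(hmac.compare_digest(_digest(password, salt), stored)
                   for salt, stored in self.entries)

    def record(self, password):
        if self.remembered == 0:
            return
        salt = os.urandom(16)
        self.entries.append((salt, _digest(password, salt)))
        self.entries = self.entries[-self.remembered:]


def validate(password, min_len, history):
    """Return the list of violated rules; an empty list means accepted."""
    errors = []
    if any(ch not in ALLOWED for ch in password):
        errors.append("charset")   # rule 1: Cyrillic, space, etc.
    if not (min_len <= len(password) <= MAX_LEN):
        errors.append("length")    # rule 3
    if history.contains(password):
        errors.append("reused")    # rule 4
    return errors
```

With a history depth of 0 nothing is recorded, so the current password is accepted again, which matches the behaviour described for the “Number of passwords remembered by the system” field.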

Configuring Individual Login Options

Settings related to user authentication at the login stage are configured in the user properties management window.

Configuring User Authentication Options

To configure the parameters you need:

1. Display the user properties management window.

2. Set the “Password Request” switch, which allows or prohibits the user from logging into the system without presenting a password:

· to allow the user to log in to the system without presenting a password, remove the check mark from the switch field;

· to prevent the user from logging into the system without a password, place a check mark in the switch field.

3. Check the Permanent Password box to disable the user's password aging mode, which limits the validity period of the user's current password.

If the field does not contain a checkmark, the password validity period is determined by the general security system parameter “Password change frequency.” After the number of days specified by this parameter has expired, the security system will ask the user to change the current password and will prohibit the user from logging in using the old password.

Fig. 15.

If a user's name and password are the same on Secret Net, Novell NetWare, and Microsoft Windows networks, logging that user into the network can be simplified as follows:

1. Check the “Auto-enter user password when logging on to the network” checkbox so that the user name and password are automatically entered when connecting to Novell NetWare and Microsoft Windows networks.

2. Check the “Require password change at next login” checkbox to enable this password change mode for the user. When the user logs into the system, a password change dialog will be displayed.

3. Click the “OK” button.

Instructions for organizing password protection

1. General Provisions

1.1 These instructions establish the procedure and rules for generating and using passwords in the organization’s information systems.

1.2 The requirements of these instructions apply to all employees of the organization.

1.3 Lack of control in the determination and use of passwords may entail the risk of unauthorized access to the organization’s information, leading to fraudulent and other actions in information systems that can cause material harm and damage to the organization’s reputation.

2. Password requirements

2.1 Passwords should not be based on any one word, issued identifier, name, nickname, passport data, insurance numbers, etc.

2.2 Passwords should not be based on standard patterns and consecutive characters on the keyboard or in the alphabet, for example, such as: qwerty, 1234567, abcdefgh, etc.

2.3 Passwords must contain characters from at least three of the following groups:

  • Lowercase Latin letters: abcd...xyz;
  • Capital Latin letters: ABCD...XYZ;
  • Numbers: 123...90;
  • Special characters: !%() _+ etc.

2.4 Password length requirements:

  • For ordinary users - at least 8 characters;
  • For administrators (local\domain) - at least 15 characters;
  • For service identifiers and shared keys - at least 14 characters;
  • For SNMP Community Strings - at least 10 characters.

2.5 Password change frequency:

  • Administrative – every 60 days;
  • User – every 90 days;
  • Service – at least twice a year;
  • Shared keys and SNMP Community Strings - at least once a year.

2.6 Passwords must not be stored or transmitted unencrypted over public networks (local area network, internet, email).

2.7 Embedded identifiers should not be used during operation. They must be assigned passwords that are different from those set by the manufacturer. They are subject to requirements similar to those for service passwords.

2.8 Passwords cannot be written down on paper, in the phone’s memory, etc. You cannot disclose or transfer your password to anyone.

2.9 Password hashes must be checked during internal audit by the information security administrator at least twice a year using standard brute force attacks.

It is also possible to check whether a password meets the requirements of this instruction in the presence of the user: the user names his password, and the verifier enters the password and checks it. After such verification, a mandatory and immediate password change is required.

2.10 Service identifier passwords must be included in the procedure for managing UA passwords, including storing them in a secure place, sharing the secret, and periodically changing them (once a year).
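Clauses 2.2 to 2.4 translate directly into an automated check that can run when a password is set. The following is an added example, not part of the original instruction: the account-type keys, the list of keyboard and alphabet sequences, and the choice of four consecutive characters as the threshold for a “standard pattern” are assumptions.

```python
import string

# Minimum lengths from clause 2.4 (the key names are assumptions).
MIN_LENGTH = {"user": 8, "admin": 15, "service": 14, "snmp": 10}

# Constructed list of sequences treated as "standard patterns" (clause 2.2).
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "01234567890",
             "qwertyuiop", "asdfghjkl", "zxcvbnm")
RUN = 4  # assumption: 4 or more consecutive sequence characters is a pattern


def char_groups(password):
    """Return the clause 2.3 character groups present in the password."""
    groups = set()
    for ch in password:
        if ch in string.ascii_lowercase:
            groups.add("lower")
        elif ch in string.ascii_uppercase:
            groups.add("upper")
        elif ch in string.digits:
            groups.add("digit")
        elif ch in string.punctuation:
            groups.add("special")
    return groups


def has_pattern(password):
    """True if any RUN-character window follows a sequence, forwards or backwards."""
    low = password.lower()
    for i in range(len(low) - RUN + 1):
        window = low[i:i + RUN]
        if any(window in seq or window[::-1] in seq for seq in SEQUENCES):
            return True
    return False


def check_password(password, account_type):
    """Return the violated clauses; an empty list means the password complies."""
    problems = []
    if len(password) < MIN_LENGTH[account_type]:
        problems.append("2.4 length")
    if len(char_groups(password)) < 3:
        problems.append("2.3 groups")
    if has_pattern(password):
        problems.append("2.2 pattern")
    return problems
```

A password such as `Qwerty2024!` satisfies the length and character-group clauses for an ordinary user and is rejected only by the pattern check, which is why clause 2.2 has to be enforced separately from 2.3.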

3. Requirements for information system security settings

3.1 The account must be blocked after 5 incorrect access attempts for at least 15 minutes.

3.2 It is prohibited to use the “Remember password” function in any software.

4. Requirements for service account passwords

4.1 Passwords for service accounts must be created by the person responsible for the service account and the information security administrator.

4.2 The length of each half of the password must be at least 7 characters, the password complexity is specified in clause 2.3. Before sealing the envelope, be sure to check that the password has been changed correctly in the information system by making an appropriate entry in the journal.

4.3 The password must be changed at least twice a year, or immediately in the event of dismissal or change of authority of one or two persons responsible for generating the password.

4.4 Each half of the password is stored in a separate envelope, which prevents the password from being visible through the envelope, for example, by shining a bright light through the envelope. The envelopes are kept in the safe of the head of the UA.

4.5 Each generation\change\opening of a password or envelope must be recorded with a corresponding entry in the log.

4.6 The information security administrator must check the presence and integrity of the envelopes monthly.

4.7 Opening of envelopes can be done by:

  • person responsible for the information system;
  • information security administrator;
  • head of UA.

4.8 Envelopes are opened by one person, followed by registration in a journal, and it is mandatory to inform the information security administrator by mail.

4.9 If envelopes are opened/used, upon completion of the work it is necessary to create a new password in accordance with clause 4.1.

4.10 Administrators provide assistance to the information security administrator in conducting audits, managing service and administrative passwords, shared keys and SNMP Community Strings, including generating passwords, changing them and storing them in a secure place, as well as setting up information systems to comply with these requirements.

4.11 The information security administrator is responsible for auditing the requirements of this policy and developing identifier management procedures.

4.12 Users of information resources must comply with the requirements of these Instructions when choosing a password and working with it.

5. Responsibility

5.1 Those guilty of violating the terms of this Instruction are liable in accordance with the legislation of the Russian Federation, employment contract, job description.

6. Final provisions

6.1 General current control over the execution of this instruction is carried out by the AIB.

6.2 AIB keeps these instructions up to date.

6.3 Changes and additions to these instructions are approved by the director of the organization.

6.4 The instruction comes into force upon approval by the director of the organization.


Good day, dear friends, acquaintances, readers, admirers and other individuals. Today we’ll briefly talk, as you understand from the title, how often to change passwords and why you should do it.

As practice shows, changing passwords on most resources that are important to you is a very useful thing and, although not very often, it still allows you to save information that is important to you and your own accounts.

This replacement procedure, in terms of frequency, should be carried out depending on how protected the computers from which you use certain password-protected resources are, and we are talking not only about antiviruses and firewalls, but also much more.

For example, the privacy of the computer (at my work, users often forget to press the banal “Logout” button from their account, say), that is, about the number of people who use this same computer.

So how often should you change your passwords? Why?

The optimal frequency for changing your password is, on average, once a month (thirty calendar days) for services that are critical to you, such as mail, electronic wallets, bank clients, and the like.

For all other services it is, in fact, permissible to change the password less often, provided that it does not coincide with any other. Ideally, you should have different pairs of logins and passwords everywhere, or at least no password should, at any point in time, coincide with another.

What is this connected with? At a minimum, with the fact that you (in most cases) do not know and (like most users) cannot know which program will steal your password, how and when, and you also cannot control a leak of the password from the site where you are registered. Therefore, the question of how often to change passwords is more relevant than ever in our time.

How can I make my task easier? Try using password generators and password stores and the like. It is also highly advisable never to store a password on a piece of paper in an easily accessible place, especially if the password is for, I repeat, a service that is important to you or, especially, for work.

In a nutshell, it’s something like this. As always, if you have any questions, thoughts, additions, etc., you can leave them in the comments to this article. Well, yes, you can tell me how often to change passwords in your opinion.