Tips for strong passwords in server hardening

The need for strong, highly secure passwords is felt more these days because of increased hacking and phishing. With Microsoft integrating Windows logon into many online transactions, the need is even greater.

Setting the password policy is one of the most important steps in a server hardening procedure. It is usually done in 99% of environments. If it was overlooked in an environment, there are ways to enforce a strong password policy there.

The steps to enable the password security policy on a Windows 2003 domain server are presented in this post:

Step#1: Start -> Program -> Administrative Tools -> Domain Security Policy


Step#2: In the Domain Security Policy window, enable “Password must meet complexity requirements” under Password Policy in Account Policies.


Once these steps are done, the password policy will be enforced when users do a password reset.


Microsoft has some suggestions on how to make your password strong. I find the following tips useful:

  1. The length of the password is very important: make it 14 characters or more.
  2. Make your password strong by including special characters (symbols).
  3. Mix upper- and lower-case letters to increase complexity.
  4. Remember to use the entire keyboard instead of common words.
  5. Increase the length by putting numbers between the letters.
  6. The more complex the better: add punctuation at the beginning.

You might also want to refer to the Microsoft documentation for detailed examples and the password checker tool.
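
To confirm that the setting from Step#2 is really in effect on a server, the local policy can be exported with `secedit /export /cfg <file>` and checked. The Python script below is an added example, not part of the original post: the sample export is constructed, and the 14-character threshold is taken from tip 1 above.

```python
import configparser

# Constructed sample of a `secedit /export` file (not taken from a real server).
# Assumption: real exports are normally UTF-16 encoded; decode before parsing.
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 7
PasswordComplexity = 0
PasswordHistorySize = 0
[Version]
signature="$CHICAGO$"
Revision=1
"""

MIN_LENGTH = 14  # threshold taken from tip 1 on this page


def audit_password_policy(inf_text, min_length=MIN_LENGTH):
    """Return a list of findings; an empty list means the policy passes."""
    parser = configparser.ConfigParser(interpolation=None, strict=False,
                                       allow_no_value=True)
    parser.optionxform = str  # keep the setting names' original case
    parser.read_string(inf_text)

    if not parser.has_section("System Access"):
        return ["no [System Access] section: password policy was not exported"]
    access = parser["System Access"]
    findings = []

    # A missing or empty key is treated as a disabled setting, not skipped.
    complexity = (access.get("PasswordComplexity", fallback="0") or "0").strip()
    if complexity != "1":
        findings.append("PasswordComplexity is not enabled")

    raw_length = (access.get("MinimumPasswordLength", fallback="0") or "0").strip()
    length = int(raw_length) if raw_length.isdigit() else 0
    if length < min_length:
        findings.append(f"MinimumPasswordLength is {length}, below {min_length}")
    return findings


if __name__ == "__main__":
    for finding in audit_password_policy(SAMPLE_EXPORT):
        print("FAIL:", finding)
```

Run against exports collected from each server, it shows which machines still lack the complexity requirement or allow short passwords.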


Anonymous said...

August 15, 2010 at 8:31 AM

Hello Franklin, good information!


Anonymous said...

August 16, 2010 at 10:56 AM

This is really useful info for day-to-day activities. Thanks!


Franklin Muthuswamy, MCA, M.Tech said...

August 19, 2010 at 5:39 PM

Thanks Amithap and Nizam
