Understanding Windows Small Business Server password policies

Platí pro: Windows SBS 2003

A strong password policy is integral in helping to secure the network and in helping to protect data and resources from unauthorized access. Microsoft® Windows® Small Business Server 2003 enables you to easily set and change password policies for all users.

The password policies most commonly used in small companies are:

  • Minimum length. Enable this policy to determine the least number of characters that a password can contain. Setting a minimum length helps protect your network by preventing users from having short or blank passwords. The default is 7 characters.

  • Complexity. Enable this policy to determine whether passwords must contain different types of characters. If this policy is enabled, passwords cannot contain all or part of a user's account name and must contain characters from three of the following four categories:

    • English uppercase characters (A through Z)

    • English lowercase characters (a through z)

    • Numerals (0 through 9)

    • Nonalphanumeric characters (such as , !, $, #, %)

  • Maximum Age. Enable this policy to determine the period of time (in days) that a password can be used before the system requires the user to change it. The default is 42 days.


  • You must be a member of the Domain Admins group to enable these password policies.

You can choose to configure the password policies immediately or after a specified period of time. If you choose to configure password policies immediately, you must use strong passwords to log on to each client computer. You can simplify the process of setting up client computers by choosing to delay configuring the password policies until your configuration is complete. You will be able to work on the client computers without the password policy restrictions. If you use this option, choose to enable the policies after you have set up the client computers but before the users log on for the first time.

You are prompted to enable strong passwords after running the Configure E-mail and Internet Connection Wizard or the Remote Access Wizard for the first time. You can also enable or change password policies from the Manage Users taskpad in Server Management. After you enable or change password policies, all users are required to change their passwords the next time they log on.

Další odkazy


Managing user accounts
Configure password policies