Windows: the password drama continues
Setting password policies in Windows Server 2003 and earlier versions can feel a little like a running soap opera. If the executives in your company want a year between password changes, for example, but 90 days for everyone else, your only real solution is to create a special domain just for them.
The reason for this limitation is because password policies, unlike all other Group Policies, are traditionally applied only at the domain level. More domains mean more domain controllers (DCs), and that means more management headaches. So our solution to the problem sometimes means changing everyone's policy to something less secure.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.