Swif's Windows Password Policy helps administrators enforce robust security practices by defining password requirements for Windows devices in your organization. This article outlines each setting you can configure and provides recommendations for optimal security.
Configuration Options
Force a User to Have a Password
Description: Ensures every user account on the device has an active password.
Recommended Setting: Enabled to maximize security.
Minimum Password Length
Description: Specifies the minimum number of characters required for passwords.
Range: 0 to 14 characters.
Recommendation: Require a minimum length of at least 8-12 characters for enhanced security.
Password Complexity
Description: Requires passwords to contain a mix of uppercase letters, lowercase letters, numbers, and special characters.
Recommended Setting: Enabled to improve password strength.
Minimum Password Age
Description: Defines the minimum number of days before a user can change their password again.
Range: 0 to 998 days.
Recommendation: Set according to your organization's security policy. Generally, 1-2 days prevents rapid cycling of passwords.
Maximum Password Age
Description: Specifies the maximum duration (in days) a password can remain active before the user must change it.
Range: 1 to 998 days.
Recommendation: Set this period to 60-90 days to balance security and user convenience.
Password History
Description: Determines how many previously used passwords are remembered, preventing reuse.
Range: 0 to 24 passwords.
Recommendation: Use a higher setting (e.g., 10-24) to prevent users from frequently reusing old passwords.
Failed Attempts Count
Description: Specifies the maximum number of failed login attempts permitted before an account lockout.
Range: 0 to 999 attempts.
Recommendation: A lower number (e.g., 5-10 attempts) enhances security by reducing the risk of brute-force attacks.
Account Lockout Duration
Description: The duration (in minutes) an account remains locked after reaching the failed attempt threshold.
Range: 0 to 1440 minutes (24 hours).
Recommendation: Choose a period that sufficiently deters unauthorized access attempts without excessively impacting legitimate users, commonly 15-30 minutes.
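The following is an added example, not Swif's own tooling: a PowerShell check that reads the account policy a device actually applies through `net accounts` and compares it with the recommendations above. It assumes English-locale output and that the Swif settings correspond to the `net accounts` labels used in the script; password complexity and the force-password setting are not reported by `net accounts` and are not covered.

```powershell
param([switch]$UseSample)   # -UseSample audits the constructed text below instead of this device

# Constructed sample of English-locale `net accounts` output.
$sample = @'
Minimum password age (days):                          0
Maximum password age (days):                          42
Minimum password length:                              7
Length of password history maintained:                None
Lockout threshold:                                    Never
Lockout duration (minutes):                           30
'@ -split "`r?`n"

$lines = if ($UseSample) { $sample } else { net accounts }

# Parse "Label:   value" pairs. Non-numeric values (None, Never, Unlimited)
# mean the control is switched off and are stored as $null.
$current = @{}
foreach ($line in $lines) {
    if ($line -match '^(?<k>.+?):\s+(?<v>\S.*)$') {
        $k = $Matches['k']
        $v = $Matches['v'].Trim()
        $n = 0
        $current[$k] = if ([int]::TryParse($v, [ref]$n)) { $n } else { $null }
    }
}

# Accepted bounds per setting, taken from the recommendations and ranges in this article.
# The label-to-setting mapping is an assumption of this example.
$checks = @(
    @{ Label = 'Minimum password length';               Min = 8;  Max = 14   }
    @{ Label = 'Minimum password age (days)';           Min = 1;  Max = 998  }
    @{ Label = 'Maximum password age (days)';           Min = 1;  Max = 90   }
    @{ Label = 'Length of password history maintained'; Min = 10; Max = 24   }
    @{ Label = 'Lockout threshold';                     Min = 1;  Max = 10   }
    @{ Label = 'Lockout duration (minutes)';            Min = 15; Max = 1440 }
)

$results = foreach ($c in $checks) {
    $value = $current[$c.Label]
    [pscustomobject]@{
        Setting  = $c.Label
        Current  = if ($null -eq $value) { 'not set' } else { $value }
        Accepted = '{0}-{1}' -f $c.Min, $c.Max
        Pass     = ($null -ne $value) -and ($value -ge $c.Min) -and ($value -le $c.Max)
    }
}
$results | Format-Table -AutoSize
if ($results.Pass -contains $false) { exit 1 }   # non-zero exit lets a compliance job flag the device
```

Run with `-UseSample`, the constructed input fails on minimum password age, minimum length, password history and lockout threshold, and passes on maximum password age and lockout duration.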
Best Practices
Regularly update password policies to address emerging threats.
Educate users about the importance of strong, unique passwords.
Monitor account lockouts to detect possible security incidents.
Troubleshooting & Support
For assistance or further questions on configuring your Windows Password Policy with Swif, contact Swif Support.