Enabling Strong Password Functionality in Windows 2000

• Microsoft Windows 2000 Server
• Microsoft Windows 2000 Advanced Server
• Microsoft Windows 2000 Datacenter Server

SUMMARY

Windows 2000 Server includes the strong password functionality first provided in Microsoft Windows NT Server 4.0 Service Pack 2 (SP2). For additional information about the scope of default strong password functionality, please see the following article in the Microsoft Knowledge Base:

Q161990 How to Enable Strong Password Functionality in Windows NT

MORE INFORMATION

To implement strong password requirements for your domain, configure a group policy object linked to your domain:

1. Start the Group Policy Editor Microsoft Management Console (MMC) snap-in, focused on the appropriate group policy object. This must be a group policy object linked to the entire domain. You can directly edit the Default Domain Controllers Policy GPO if you are using this policy object.
   
   A quick method of starting the Group Policy Editor MMC snap-in with its focus pointed to this GPO is:



1. Right-click the domain object in the Active Directory Users and Computers MMC snap-in, and then click Properties.



2. Click the Group Policy tab.



3. Click the Default Domain Policy GPO link, and then click Edit.



2. Navigate to the following node in the group policy object:

   Group Policy Object Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy




3. Double-click Passwords must meet complexity requirements of installed password filter to produce the application dialog box.



4. Change the template setting to Enabled to activate the strong password requirement.
   
   As with all policy settings, the change is not applies until the next time group policy objects are applied to your domain controllers.

Additional query words:

Keywords : ntsecurity
Version : WINDOWS:2000
Platform : WINDOWS
Issue type : kbhowto