====== Password Policies ====== See also **[[networking:windows:active_directory:ad_password_complexity|Active Directory Password Management]]** This is just a bit of **info for IT decision-makers** to make you are aware of some options that can be changed to suit your needs or wishes. :!: Please note that network usernames and passwords are not the same as e-mail usernames and passwords. They also have different password policy systems. ===== Common Policy Settings ===== * Minimum Requirements * Complexity * Upper Case * Lower Case * Numbers * Symbols * Length * Maximum Age ===== Why Would You Care ===== Passwords are a significant risk to most computing security systems. Where high-security systems usually rely on two-factor (or more) authentication (like password+fingerprint or password+smart-card), most small businesses rely on just a single password for security. Password policies dramatically affect the security of user passwords. They also can be frustrating...security is a double-edged sword. **The most important policy is "Use no trivial passwords, ever, for anything."** The only hacks I have ever seen or been involved with were the result of trivial passwords and automated 'script kiddie' tools scanning for 'low-hanging fruit' (easy marks). A dedicated attacker would present a much greater risk as they often use 'social engineering' techniques which are far more effective. ===== What Can Be Changed ===== These graphics that show and explain some of the password policy settings available. If you'd like us to modify any of these settings, please let us know, or if you prefer, we can show you how to adjust the settings yourself. ==== Windows Default Password Policies ==== {{ :quick_guide:default_windows_password_policy.png?550 |Windows Default Password Policy}} ==== Zimbra Default Password Policies ==== {{ :quick_guide:zimbra_default_password_policy.png?700 |Zimbra Default Password Policy}} ==== Zimbra Policy Options ==== {{ :quick_guide:zimbra_passwword_policy_options.png?450 |Zimbra Password Policy Options}}