Password policy

G

Guest

If our current password policy does not have a maximum password age, and some
users have a password of over 90 days, and we implement a password policy
that has a maximum password age of 90 days, do those users have 90 days to
change their passwords, or since their passwords are older than 90 days are
they considered expired as soon as the password policy is put into effect?

thank you,
 
D

Dave Shaw [MVP]

the password policy begins from the time you create the policy.

If you want them to change thier passwords, you can modify the individual
accounts (via MMC or script) to force a password change.

-ds
 
G

Guest

Are you saying if I implement the policy today with a max password age of 90
days, and regardless of how old any of the user's passwords are, those
passwords will only expire in 90 days? I've done some testing in a child
domain, and the opposite seems to apply. I have the max age set to 4 days,
and all users whose password are more than 4 days old are being prompted to
change their password the first time they logged in after the policy was put
into place.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top