Problem solve Get help with specific problems with your technologies, process and projects.

Setting the Win2k default domain admin password to expire every 45 days

I have a Windows 2000 network in a financial institution. Recently the auditors told me that I need to have the default domain administrator password expire every 45 days. Is there a way to set this? Isn't this also going to effect any service that is installed and running on the 20 servers I have? Please help, I can't find this information anywhere! Thank you for your help.
You can set this on any domain controller in your domain. Open up the domain security policy and browse to the password policy. Change the maximum password age to be 45 days. This will only effect services on your servers if you are running services off domain accounts. If you are, you will need to log onto those servers every 45 days and reset the service passwords also. It is good practice to change your passwords every 45 days, but having the system force you can be a headache with domain admin accounts. I recommend setting your own domain admin policy and manually changing them every 45 days.

For more information on this topic, visit these other SearchSecurity.com resources:
  • Best Web Links: Securing Financial Services/Banking
  • Best Web Links: Passwords
  • Best Web Links: Securing Microsoft Products/Platforms
  • This was last published in March 2003

    Dig Deeper on Password management and policy

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.