Enforce Password History Policies for Windows and Android Devices
The enforce password history policy decides how many new passwords a user must create before a previously used password can be set again. Real-world incidents show that reusing passwords is risky: it makes it easier for criminals to break into a system and breach privacy through brute-force attempts.
Brute forcing is an attack technique in which an attacker gains access to someone else's business account by trying every possible password combination. The technique is especially effective against devices with weak or reused passwords.
Let's discuss practical ways to enforce password history on Android and Windows devices and other security parameters to enhance security.
1 Demo - Enforce Password History Setting
Numerous tools exist to help users manage a password reuse policy, but not all of them are suitable for corporate use. Businesses are targeted more often by attackers, and weaknesses are common because many smart devices are involved and used in varied ways. So we will discuss only the best method of enforcing password history settings at different organizational levels.
For Android
AirDroid Business is an Android device management solution that allows monitoring and control of large-scale managed devices from a centralized location, ensuring high security and confidentiality. It offers customizable policy settings, including a password policy, to ensure authorized access only.
Steps to configure or enforce password history settings
- Step 1. Log in to the AirDroid Business Admin Console
- Sign up for an AirDroid Business account and log in to access the admin console.
- Step 2. Manage the Policy Config File
- Select the Policy & Kiosk option from the main menu. Select Create a policy config file and then choose the View and Edit option.
- Step 3. Password Settings
- From the list, choose the Password option; you will find it above the App Blocklist/Allowlist. A new menu will appear on the screen. Choose Passwords that Meet Complexity Requirements. This forces users to unlock the device with a password that satisfies the configured complexity rules.
- Step 4. Choose the Number
- Select the Configure password reuse option and choose the number of new passwords users must create before an older one can be used again.
For Windows
- Step 1. Local Security Policy Editor
- Press the Windows + R keys on the keyboard. Type ‘secpol.msc’ in the Run dialog and press ‘OK.’ The Local Security Policy editor will open.
- Step 2. Account Policies
- Navigate to Security Settings and expand the ‘Account Policies’ folder.
- Step 3. Password Policy
- Select ‘Password Policy’ and double-click the ‘Enforce password history’ option. A new window will open with a number to select. Choose 20 or any other number required; this is how many unique new passwords users must create before reusing one. Press ‘OK’ to apply.
2 Microsoft Recommends Setting 24 Passwords Remembered
Microsoft strongly recommends remembering the last 24 passwords to resist brute-force attacks and increase password diversity. Remembering passwords also helps comply with current password security standards and shows a commitment to strong security procedures.
By requiring many unique passwords, users are encouraged to set more complex and diverse passwords, which helps remove the vulnerabilities caused by password reuse.
It acts as a barrier against cyber-attacks such as brute force and strengthens security. It also discourages users from setting easy, memorable passwords and pushes them to adopt a strong, unique password every time, so attackers cannot guess them.
3 More Password Related Security Measures
If you think that enforcing password history is enough to prevent cyber-attacks, you are wrong. In addition to enforcing password history, there are multiple ways to secure devices.
Password Complexity Requirements
For secure access management, password complexity requirements are a crucial setting to manage.
You might have encountered restrictions on setting passwords, including lower-case and upper-case letters, numbers, symbols, etc. Such restrictions create password complexities and help generate strong passwords.
Rules for Creating Passwords
Businesses need to set strict rules for employees to create strong passwords that are unpredictable and hard to guess. Obvious choices such as a person’s mobile number or nickname are weak passwords and are easy to guess.
Setting strong password policies is crucial for businesses to prevent unauthorized access to official devices, as the devices contain highly sensitive data.
Password Valid Period
Setting password policies through tools like MDM allows a maximum and a minimum password age to be configured. The recommended maximum password age is 60 to 90 days; after that, a new password is required.
This keeps passwords confidential and regularly updated. Businesses also need to set a minimum password age, because changing passwords too frequently causes its own security issues: without a minimum age, a user can cycle through the remembered passwords in minutes and return to the old one.
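The Windows steps above set one value by hand; the following PowerShell script, added here as an example and not part of the article or any AirDroid tool, audits the local password policy against the values the article recommends (24 passwords remembered, a 60 to 90 day maximum age, a minimum age of at least one day, complexity enabled). It assumes an elevated session, because secedit needs administrator rights.

```powershell
# Added example (not from the article): audit the local Windows password policy.
# Run from an elevated PowerShell prompt; secedit requires administrator rights.
function Get-LocalPasswordPolicy {
    $cfg = Join-Path $env:TEMP 'secpol-audit.inf'
    secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null
    $policy = @{}
    # Keep only integer-valued lines such as "PasswordHistorySize = 0";
    # string values (e.g. NewAdministratorName) and registry entries are skipped.
    Get-Content $cfg | ForEach-Object {
        if ($_ -match '^\s*(\w+)\s*=\s*(-?\d+)\s*$') { $policy[$matches[1]] = [int]$matches[2] }
    }
    Remove-Item $cfg -ErrorAction SilentlyContinue
    return $policy
}

function Test-PasswordPolicy {
    param([hashtable]$Policy)
    $findings = @()
    $history = [int]$Policy['PasswordHistorySize']
    $maxAge  = [int]$Policy['MaximumPasswordAge']   # -1 means passwords never expire
    $minAge  = [int]$Policy['MinimumPasswordAge']
    if ($history -lt 24) { $findings += "Enforce password history is $history; Microsoft recommends 24" }
    if ($maxAge -lt 60 -or $maxAge -gt 90) { $findings += "Maximum password age is $maxAge days; expected 60-90" }
    # Without a minimum age, a user can make 24 changes in minutes and land back on the old password.
    if ($minAge -lt 1) { $findings += "Minimum password age is $minAge; set at least 1 day" }
    if ([int]$Policy['PasswordComplexity'] -ne 1) { $findings += "Password complexity requirements are disabled" }
    return $findings
}

$findings = @(Test-PasswordPolicy (Get-LocalPasswordPolicy))
if ($findings.Count -eq 0) {
    'Password policy meets the recommended values.'
} else {
    $findings | ForEach-Object { "FINDING: $_" }
    # The three numeric settings can be corrected with the built-in net accounts command.
    # Uncomment to apply; complexity must be enabled through secpol.msc or Group Policy.
    # net accounts /uniquepw:24 /maxpwage:90 /minpwage:1
}
```

On a domain-joined machine the effective values come from Group Policy, so run the audit on the domain controller's default domain policy rather than on a workstation.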
Force Password Configuration
To add a further layer of security, admins can enable forced password configuration, which allows users to unlock their devices only with a password that matches the configured policy.
Turn on/off Smart Lock
The smart lock feature is built into Android devices, especially Samsung smart gadgets. It allows the configuration of trust agents, such as on-body detection and trusted devices. To enhance security measures, you can remotely enable/disable Smart Lock on managed devices by using an MDM solution.
4 FAQs
Policies > Windows Settings > Security Settings > Account Policies > Password Policy.
Here you can view the password history setting and other related information.
5 Conclusive Note
Managing password policies is a serious concern for individuals and organizations because it enables users to implement strong password authentication rules to ensure high security and prevent unauthorized access.
Enforcing password history is a perfect solution to avoid brute-force attacks by cyber-criminals. If an account is compromised, changing the password is crucial. For business accounts, however, changing the password alone is not enough: it is better for admins to delete the compromised user account and provision a new one. Set the maximum password age to between 60 and 90 days, and also configure the minimum password age so that admins can restrict users from changing passwords too frequently.