Friday, 6 March 2009

Managing Windows Server 2008 password policy

Windows Server 2008 has implemented stricter security/password policies. I work in a development/test environment, where the network is isolated and not publicly accessible. In my case, the security policies are not of much importance since it is a closed and controlled environment. The following steps reduce the security level for the password policy settings.

1. Start --> Run --> gpedit.msc
2. Computer Configuration
--Windows Settings
--Security Settings
--Account Policies
--Password Policy
3. Set the following entries as shown:
Maximum Password Age: 0
Minimum Password Age: 0
Minimum Password Length: 0
Password Must Meet Complexity Requirements: DISABLED

View and manage saved Windows usernames/passwords

Enter the following command:
rundll32.exe keymgr.dll, KRShowKeyMgr --- note the "KRShowKeyMgr" is case sensitive.

The window which pops up shows all connections which have saved usernames/passwords.

The alternate method of accessing this window is by opening the following
Control Panel -> User Account -> Advanced tab -> Manage Passwords