Windows XP Robust Password scheme

Although an absolutely secure password does not exist, a relatively secure password can be implemented. The local security settings in WinXP make our passwords more resilient to the test.

First, set up a reliable password

You can open the Local Security Settings window by typing "secpol.msc" in the start → run window and entering a carriage return. Or you can open this setup interface through the control Panel → administrative tools → local security policy.

Expand account policy → password policy on the left side of the Local Security Settings window, and a series of password settings appear in the right pane, where you can create a complete password policy that maximizes the protection of passwords.

Figure 1

Enforce password history This setting determines the number of passwords that the user has used. Many people know that changing passwords often is a good way to improve the security of passwords, but because of personal habits, often exchange for a limited number of passwords. Configuring this policy allows the system to remember the password that the user used, and the system will give a hint if the replacement of the new password is duplicated in the system "memory". By default, this policy does not save the user's password, can be set according to their own habits, it is recommended to save more than 5 (can save up to 24).

Maximum password lifetime This policy determines how long a password can be used, then expires, and the system will require the user to change the password when the password expires. If set to 0, the password never expires. Generally can be set to 30-60 days or so, the specific expiration time depends on how strict your system security requirements. The maximum can be set for 999 days.

Minimum password lifetime This policy determines how long a password should be used before it can be modified. A set of 0 indicates that a password can be reused indefinitely, with a maximum value of 999. This strategy, combined with the "Enforce password history", will tell you whether the new password was previously used and, if so, cannot continue using the password. If the minimum password lifetime is 0 days, that is, the password never expires, setting "Enforce password history" does not work because no password expires and the system will not remember any of the passwords. Therefore, if you want to make the Enforce password history valid, you should set the value of the minimum password age to be greater than 0.

Minimum password length This policy determines the length of a password and the valid value is between 0 and 14. If set to 0, it means that no password is required, which is the default value of the system, and it is very dangerous to allow users who do not need a password to exist from a security standpoint. The recommended password length is not less than 6 bits.