User Account Policies

User Account Policies

User policy	Default Setting	Recommended change for workstation & stand-alone server	Recommended change for domain controller
Maximum Password age.	Password Never Expires	No Change	No Change
Minimum Password Length	Blank Password Allowed	At least 6 charactors	At least 6 charactors (Or use Leland Password Filter)
Minimum Password Age	Allow Changes immediately	No Change	No Change
Password Uniqueness	Do not keep history	No Change	No Change
Account Lockout	No account lockout	Activate account lockout	Activate account lockout
Lockout After	5 attempts	No Change	No Change
Reset Count After	30 minutes	No Change	No Change
Lockout Duration	30 minutes	Forever	Forever
Forcibly disconnect users when hours expire	Off	On	On
Users must logon to change password	Off	No Change	No Change