Administrator Account's Password Does Not Expire | Support Tips

Administrator Account’s Password Does Not Expire

While there are queries that can be run in Active Directory Administrative Center to determine which accounts haven’t had their passwords changed recently, this is not a task that’s likely to be performed by anyone outside the administration team.

Ultimately whether your select the “password never expires” option is up to you. Enabling it does reduce the security of your organization and with the advent of managed service accounts, there are fewer reasons to use static passwords with any user account

Solution – Best Practice

  1. Reconfigure the Administrator account’s properties to expire the password after a specified duration per the site’s policy.
  2. Ideally domain-wide policies should be set on the Domain Controller so that all Windows hosts on the domain comply automatically and each individual host does not need to be configured.

Note that the Administrator account on the Domain Controller(s) will always have a password that does not expire since the option check box in the properties dialog box for this account is unchecked.

Leave a Reply

Notice: Undefined index: sfsi_telegram_display in /home/www/ on line 320

Notice: Undefined index: sfsi_vk_display in /home/www/ on line 322

Notice: Undefined index: sfsi_ok_display in /home/www/ on line 324

Notice: Undefined index: sfsi_weibo_display in /home/www/ on line 326

Notice: Undefined index: sfsi_wechat_display in /home/www/ on line 328