Randomizing Passwords
It is a common practice that large enterprises define a single, static password for use across thousands of computers. Given the ease by which even extremely complex passwords can be compromised, the disclosure of passwords can jeopardize the security of an entire enterprise. Randomizing and cycling passwords is an easy and secure way that large public and private enterprises can ensure that security breaches do not occur. Randomizing passwords includes:
- The password change interval: The frequency that passwords are changed.
- The password complexity: The minimum length of passwords combined with the use of alpha-numeric characters.
The Randomize Password Policy enables administrators to generate random passwords automatically, in a schedule, for a defined collection. In a worst case scenario, if a password somehow becomes compromised, the compromised password allows access only until the randomization period expires, and more importantly, access only applies to one computer.
Failure of the Randomize Password Policy
If the minimum Windows 7™ password policy requires 14 characters, and the LSS Randomize Password Policy requires 10, the Randomize Password Policy will FAIL on those Windows compouters. The LSS Randomize Password Policy must be at least the minimum of what Windows requires.