Articles > Windows 2003
Printer Friendly Version
Views: 7901

Active Directory: Hardening Against Password Cracking

Last Updated: 6/13/11

Here are some suggestions to harden your active directory environment from hackers. This is for extremely secure environments.

- Require passwords of 15 or more characters
- Disable LAN Manager (LM) hashes from being stored on your computers
     (http://support.microsoft.com/kb/299656)
- Do not show/store the last username used to login (http://support.microsoft.com/kb/310125)
- Do not cache passwords: This setting will prevent users from logging in when the domain controller is unavailable  (http://4sysops.com/archives/manage-stored-windows-passwords/)
- Force password changes every 60 days





Keywords: active directory environment password security hardening rainbow tables cracks hacks