deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 10:53:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

edits

Browse Source
This commit is contained in:
Justin Hall
2019-04-08 14:44:00 -07:00
parent 77b6f11b0b
commit 61fa2978a2
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-seccon-framework/seccon-5-enterprise-security.md
View File

@ -36,7 +36,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi
|-------------------------|--------------------------------------------------------------------------------------------------|---------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |-------------------------|--------------------------------------------------------------------------------------------------|---------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Password Policy | Enforce password history | 24 | The number of unique new passwords that must be associated with a user account before an old password can be reused. | | Password Policy | Enforce password history | 24 | The number of unique new passwords that must be associated with a user account before an old password can be reused. |
| Password Policy | Minimum password length | 14 | The least number of characters that a password for a user account may contain. | | Password Policy | Minimum password length | 14 | The least number of characters that a password for a user account may contain. |
| Password Policy | Password must meet complexity requirements | Enabled | Determines whether passwords must meet complexity requirements:<br>1) Not contain the user's samAccountName (Account Name) value or entire displayName (Full Name value). Neither check is case sensitive.<br>The samAccountName is checked in its entirety only to determine whether it is part of the password. If the samAccountName is less than three characters long, this check is skipped. The displayName is parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the displayName is split and all parsed sections (tokens) are confirmed to not be included in the password. Tokens that are less than three characters are ignored, and substrings of the tokens are not checked. For example, the name "Erin M. Hagens" is split into three tokens: "Erin", "M", and "Hagens". Because the second token is only one character long, it is ignored. Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password.<br>2) Contain characters from three of the following categories:<br>- Uppercase letters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)<br>- Lowercase letters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)<br>- Base 10 digits (0 through 9)<br>-Non-alphanumeric characters (special characters): (~!@#$%^&*_-+=`\|\\(){}[]:;"'<>,.?/)<br> Currency symbols such as the Euro or British Pound are not counted as special characters for this policy setting.<br>- Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages. | | Password Policy | Password must meet complexity requirements | Enabled | Determines whether passwords must meet complexity requirements:<br>1) Not contain the user's samAccountName (Account Name) value or entire displayName (Full Name value). Neither check is case sensitive.<br>The samAccountName is checked in its entirety only to determine whether it is part of the password. If the samAccountName is less than three characters long, this check is skipped. The displayName is parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the displayName is split and all parsed sections (tokens) are confirmed to not be included in the password. Tokens that are less than three characters are ignored, and substrings of the tokens are not checked. For example, the name "Erin M. Hagens" is split into three tokens: "Erin", "M", and "Hagens". Because the second token is only one character long, it is ignored. Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password.<br>2) Contain characters from three of the following categories:<br>- Uppercase letters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)<br>- Lowercase letters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)<br>- Base 10 digits (0 through 9)<br>-Non-alphanumeric characters (special characters):<br>(~!@#$%^&*_-+=`\|\\(){}[]:;"'<>,.?/)<br>Currency symbols such as the Euro or British Pound are not counted as special characters for this policy setting.<br>- Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages. |
| Password Policy | Store passwords using reversible encryption | Disabled | Determines whether the operating system stores passwords using reversible encryption. | | Password Policy | Store passwords using reversible encryption | Disabled | Determines whether the operating system stores passwords using reversible encryption. |
| Security Options | Accounts: Guest account status | Disabled | Determines if the Guest account is enabled or disabled. | | Security Options | Accounts: Guest account status | Disabled | Determines if the Guest account is enabled or disabled. |
| Security Options | Domain member: Disable machine account password changes | Disabled | Determines whether a domain member periodically changes its computer account password. | | Security Options | Domain member: Disable machine account password changes | Disabled | Determines whether a domain member periodically changes its computer account password. |