Enforce Password History
|ID: oval:gov.nist.usgcb.windowsseven:def:4||Date: (C)2012-04-13 (M)2017-10-26|
|Class: COMPLIANCE||Family: windows|
This security setting determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. The value must be between 0 and 24 passwords.
This policy enables administrators to enhance security by ensuring that old passwords are not reused continually.
24 on domain controllers.
0 on stand-alone servers.
Note: By default, member computers follow the configuration of their domain controllers.
To maintain the effectiveness of the password history, do not allow passwords to be changed immediately after they were just changed by also enabling the Minimum password age security policy setting. For information about the minimum password age security policy setting, see Minimum password age.
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Enforce password history
(2) REG: INFO NOT AVAILABLE
|Microsoft Windows 7|