Password Basics
What should users be taught to create, remember, and not write down?
Strong passwords
Do account lockout and password policies apply to the computer or the user?
The computer
How many old passwords can Windows remember with enforce password history?
24
Does LAPS automatically manage the password for the local admin account or the domain admin account?
local
What happens if the maximum password age is set to 0?
it forces an immediate password reset
What is the minimum recommended password length for regular users?
8 characters
Is the time for the "reset lockout counter" tracked with seconds, minutes, hours, or days?
minutes
What is a typical setting for account lockout threshold?
3 attempts
What does the LAPS acronym mean?
Local Administrator Password Solution
What does "enforce password history" prevent?
Users from reusing old passwords
What is the maximum password length?
256 characters
What does the account lockout threshold determine?
The number of failed attempts allowed before lockout
Why would an organization use fine-grained password policies?
To apply stricter requirements to certain users or groups (e.g., admins need stronger passwords than regular users)
True or False: Granular password policies are not applied to the entire domain.
True
How many character categories must be used for complexity requirements?
At least 3
What Azure AD feature helps if a user forgets their password?
Self-service password reset (SSPR)
Storing passwords using reversible encryption is the same as storing what?
Plaintext passwords
What kind of devices can LAPS manage passwords for?
Azure AD-joined or Windows Server Active Directory-joined devices
What is another name for granular password policies?
Fine-grained password policies
Complexity requirements prevent the use of what types of words?
Dictionary words or parts of the user’s login ID