Been searching all night for this... does anyone know the registry key for Windows XP/2003 to enforce password history? http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/500.mspx?mfr=true
-
1What do you mean by "password history" exactly?– user541686Commented Oct 1, 2012 at 2:22
-
Determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. microsoft.com/resources/documentation/windows/xp/all/proddocs/…– Fran FitzpatrickCommented Oct 1, 2012 at 2:23
-
1There is no "password history" registry key. If there was, it would be a major security hole. @Fran: That's password policy, not password history.– Ken WhiteCommented Oct 1, 2012 at 2:24
-
How would it be a major security hole? Every other password policy option is linked to a registry key.– Fran FitzpatrickCommented Oct 1, 2012 at 2:25
-
It is a password policy to enforce password history. Ah, lets just chalk it up to semantics. :-) Anyone know?– Fran FitzpatrickCommented Oct 1, 2012 at 2:26
|
Show 2 more comments
2 Answers
HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Value to check: RefusePasswordChange and MaximumPasswordAge
[Source: MS Technet Librairy]
I don't know about Windows XP/2003, but on Windows 7 Ultimate x64 it's apparently
Key: HKLM\SAM\SAM\Domains\Account
Value: F
Byte offset: 0x10 (0x3A corresponds to 0, 0x3B corresponds to 1)
It's in binary, maintained by LSASS, so I don't recommend you try to change it through undocumented means.