When you add new users in Windows 7, you will have the option of setting password protection or not for their profile; if you do, their password will by default remain the same until either they change it, or until you (as computer administrator, or standard user with administrative credentials) decide to change another user's password. But Windows 7 also includes the "auto expire" feature for user passwords, which will force users to regularly change their password. Changing password frequency and expiration will of course make local network / PC's safer, though as always, more secure means less convenient!
Before going further, note that some of these steps may not work in basic editions of Windows 7, like "Starter". But you no longer have to have a network / multi-user edition of Microsoft's operating system to be able to implement user account security policies, as was the case with some versions of Windows.
x
} number of days, based on a variable you can customize yourself, called "Maximum Password Age" - the default value is 42
days. In other words, the user account you just customized will be reminded to change his/her password every 6 weeks.To change how often users need to change their password, please see our "Configure password age policy" tutorial. You'll learn there also about other security settings, like preventing users from changing their password until at least {y
} days have passed, and optionally prevent them from re-using a password they have already picked in the past.
Tip: for the sake of brevity and simplicity, we took a "user-centric" approach in this tutorial, but know that Windows 7 lets you setup global security policies, user groups, etc. - which make network-wide policies easier to implement and manage.