Maximum password age (Windows)

Module: Password Strength

Supported Platforms: Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows XP

This check verifies that the Windows password age setting has a maximum age that does not exceed the number of days specified in your policy. The valid range of maximum password age is 0 to 999 days.

The following table lists the error message for the check.

Table: Error message for Maximum password age

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information


Category: Policy Compliance

  • Windows 2000 (105330)

  • Windows 2003 (205330)

  • Windows 2008 (248330)

  • Windows Vista (228330)

  • Windows XP (200330)

Title: Maximum password age too high

Description:The maximum password age is set too high. Infrequent password changes allow anyone with a stolen password long term access to your system. The recommended maximum password age is 60 days.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [Max age: %s; expected: %s]