Password uniqueness (Windows)

Module: Password Strength

Supported Platforms: Windows 2000, Windows 2003, Windows 2008, Windows Vista, Windows XP

This check verifies that the Windows password settings require a specified number of passwords to be retained as password history. These passwords cannot be reused when a password is changed. The valid range of password history is 0 to 24 passwords.

The following table lists the error message for the check.

Table: Error message for Password uniqueness

Message String ID and Category

  • String ID: ESM_MIN_PASSWD_HIST_TOO_LOW

  • Category: Policy Compliance

Platform and Message Numeric ID

  • Windows 2000 (105333)

  • Windows 2003 (205333)

  • Windows 2008 (248333)

  • Windows Vista (228333)

  • Windows XP (200333)

Message Title and Description

  • Title: Minimum password history too low

  • Description: The number of passwords required to be retained as password history is set too low. This lets users recycle expired passwords too quickly and defeats the requirement to change passwords on a regular basis. A password history setting of at least 10 is recommended.

Additional Information

  • Severity: yellow-1

  • Correctable: false

  • Snapshot Updatable: false

  • Template Updatable: false

  • Information Field Format: [Min history: %s; expected: %s]
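The same setting can be audited by hand from a local security policy export. The following PowerShell is an added example, not code from the product this page documents: the function name `Test-PasswordHistory` and the sample policy text are assumptions made for illustration, and the output string follows the Information Field Format shown above.

```powershell
# Added example, not the product's own code. Audits the password history
# setting from a security policy export produced on the host with:
#   secedit /export /cfg policy.inf /areas SECURITYPOLICY
function Test-PasswordHistory {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [string[]] $PolicyLines,  # lines of the exported INF
        [ValidateRange(0, 24)] [int] $Expected = 10      # page recommends at least 10
    )

    $inSection = $false
    $value = $null
    foreach ($line in $PolicyLines) {
        $t = $line.Trim()
        # Track which INF section we are in; the key lives in [System Access]
        if ($t -match '^\[(.+)\]$') {
            $inSection = ($Matches[1] -eq 'System Access')
            continue
        }
        if ($inSection -and $t -match '^PasswordHistorySize\s*=\s*(\d+)$') {
            $value = [int]$Matches[1]
        }
    }

    if ($null -eq $value) {
        throw 'PasswordHistorySize not found in [System Access]'
    }
    if ($value -gt 24) {
        throw "PasswordHistorySize $value is outside the valid range 0-24"
    }

    [pscustomobject]@{
        Compliant = ($value -ge $Expected)
        Info      = '[Min history: {0}; expected: {1}]' -f $value, $Expected
    }
}

# Constructed sample input (not taken from a real host)
$sample = @'
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 1
MaximumPasswordAge = 42
PasswordHistorySize = 3
[Event Audit]
AuditSystemEvents = 0
'@ -split "`r?`n"

Test-PasswordHistory -PolicyLines $sample
```

On a live host, pass `Get-Content policy.inf` as `-PolicyLines` after running the `secedit` export from an elevated prompt.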