(07)專案管理 » 01_外部專案

N bookmark20230424152553354013409667 "Privileged Accounts with Never Expiring Passwords

" Accounts with passwords unchanged for a long time increase the probability of its exposure, reuse or weakness. This allows a malicious individual to retain their access rights to the domain in the long term. "In order to make Active Directory enforce periodic password change, accounts must not have the ""Password never expires"" flag set in the ""Account"" tab of the user properties. Their passwords should then be rolled immediately.

For services accounts, Windows provides the ""managed service accounts"" and ""group managed service accounts"" features to facilitate the automatic change of passwords.

"