In the Church IT podcast today I had mentioned a couple cool tools that I use quite a bit. Both are password generators that I use when creating or changing passwords for system or service accounts. The first one is found at http://www.pctools.com/guides/password/ and the other can be found at https://www.grc.com/passwords.htm . I hope this helps!
We also had a discussion about password policies and that had a tangent into locking out administrator accounts. I had made mention of the fact that the domain built-in administrator account could not be locked out. More information can be found in the "Administrator Accounts Security Planning Guide" but by default the administrator account cannot be locked out, even if your domain policies do specify a lockout policy. I would recommend reading the security guide since it has several good pointers. Some of those pointers are to rename the administrator account, create a decoy administrator account, make sure you are using strong passwords and change the passwords periodically. The document also describes how to enable lockout policies on your administrator account, if you are interested.
Comments