3
Been searching all night for this... does anyone know the registry key for Windows XP/2003 to enforce password history? http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/500.mspx?mfr=true
3
Been searching all night for this... does anyone know the registry key for Windows XP/2003 to enforce password history? http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/500.mspx?mfr=true
3
HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Value to check: RefusePasswordChange and MaximumPasswordAge
[Source: MS Technet Librairy]
2
I don't know about Windows XP/2003, but on Windows 7 Ultimate x64 it's apparently
Key: HKLM\SAM\SAM\Domains\Account
Value: F
Byte offset: 0x10 (0x3A corresponds to 0, 0x3B corresponds to 1)
It's in binary, maintained by LSASS, so I don't recommend you try to change it through undocumented means.
1What do you mean by "password history" exactly? – user541686 – 2012-10-01T02:22:37.713
Determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/500.mspx?mfr=true
– Fran Fitzpatrick – 2012-10-01T02:23:32.8231There is no "password history" registry key. If there was, it would be a major security hole. @Fran: That's password policy, not password history. – Ken White – 2012-10-01T02:24:50.977
How would it be a major security hole? Every other password policy option is linked to a registry key. – Fran Fitzpatrick – 2012-10-01T02:25:36.040
It is a password policy to enforce password history. Ah, lets just chalk it up to semantics. :-) Anyone know? – Fran Fitzpatrick – 2012-10-01T02:26:01.483
Suggestion: dump the entire registry to e.g. text or xml, change the "password policy", dump the registry again, then compare the two dumps with e.g. the linux diff tool (I haven't used windows in years so I don't know how easy it is to get registry dumps.) – None – 2012-10-01T02:31:11.413
If you're looking for current or old passwords, they're not stored in the registry. The only things that would be found in the registry are restrictions for setting a ne password. – cutrightjm – 2012-10-01T05:00:50.797