DOCUMENT:Q102727 10-AUG-1993 [W_NT] TITLE :Password Uniqueness in Windows NT PRODUCT :Windows NT PROD/VER:3.10 OPER/SYS:WINDOWS KEYWORDS: -------------------------------------------------------------------- The information in this article applies to: - Microsoft Windows NT operating system version 3.1 - Microsoft Windows NT Advanced Server version 3.1 -------------------------------------------------------------------- SUMMARY ======= The Password Uniqueness parameter in Windows NT can confuse users. There is no direct association between this value and the number of passwords that a specific user has previously used. MORE INFORMATION ================ Let's suppose that Password Uniqueness is set to 3. This does not mean that at the third password change I can use an old password, or that that after using three passwords I can use the first one again. The Password Uniqueness parameter works as follows: First password: One Passwords saved: <> First password change New password: Two Passwords saved: Second password change New password: Three Passwords saved: A user may think that the first password can be used again because three passwords have been used. This is not true; the user must wait until his password disappears from the saved password list. The next password change will resemble the following: Third password change New password: Four Passwords saved: Some users may think that they can use their first password again, because they've already changed their password three times. This is incorrect also. The next password change will resemble the following: Fourth password change New password: Five Passwords saved: In the next (the fifth) password change, the user can use the first password (One), because it is no longer on the list. A better way to explain this is to regard the Password Uniqueness number as the number (n) of entries in a fictitious table, where the passwords in this table cannot be used. If you add to this your current password, plus the new password that you will use, you get n+2 different passwords, and not n different passwords. Be aware that if you want to keep n different passwords, Password Uniqueness must be set to n-2. Be aware also that n can be any number from 1 to 8. Workaround ---------- If you mistakenly set up a number and you don't want that to be your standard, you can change it, and the oldest entries from that table will be removed so you can use those passwords. To change Password Uniqueness: 1. From User Manager for Domains, select the Policies menu. 2. Choose Account. 3. Change your password uniqueness number in the Password Uniqueness box. 4. Choose OK. Additional reference words: 3.10 KBCategory: KBSubcategory: SCRTY ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 1993.