Best Practices for Windows System Users to Change AD Password
1. Purpose: This Standard Operating Procedure (SOP) outlines the best practices for Windows system users to change their Active Directory (AD) password securely. By following these guidelines, users can protect their accounts and ensure the integrity and confidentiality of their information.
2. Scope: This SOP applies to all Windows system users within the organization who have AD accounts and are required to change their passwords periodically.
Password Complexity:
i. Choose a strong password that meets the organization's password complexity requirements. It should include a combination of uppercase and lowercase letters, numbers, and special characters.
ii. Avoid using obvious and easily guessable passwords such as names, birthdates, or common words.
iii. Ensure that the password is at least eight characters long to enhance security.
Regular Password Updates:
i. Change your AD password regularly as per the organization's password policy. This may be every 60 or 90 days, depending on the organization's requirements.
ii. Avoid reusing previous passwords.
Password Confidentiality:
i. Do not share your password with anyone, including colleagues, supervisors, or IT personnel.
ii. Do not write down your password or store it in an unsecured location.
Secure Password Change Process:
i. Use a trusted device, preferably your assigned workstation or a secure, company-provided device.
ii. Ensure that you are logged in to the company network before attempting to change your password.
iii. Press Ctrl+Alt+Delete to access the Windows Security dialog box.
iv. Select "Change a password" from the available options.
v. Enter your current password, followed by your desired new password. Re-enter the new password to confirm.
vi. Ensure that your new password adheres to the password complexity requirements displayed during the process.
vii. Click "Change password" to update your AD password.
Password Update Confirmation:
i. After changing your AD password, log out of your current session and log back in using the new password to verify that it has been successfully updated.
ii. If you encounter any issues logging in or accessing resources, contact the IT support team immediately.
Password Recovery:
i. If you forget your password or suspect unauthorized access to your account, report it to the IT support team immediately.
ii. Follow the organization's designated password recovery process to regain access to your account.
Users:
i. Users are responsible for following the password change process outlined in this SOP.
ii. Users must ensure the confidentiality of their passwords and report any suspected security incidents promptly.
IT Support Team:
i. The IT support team is responsible for providing guidance and assistance to users during the password change process.
ii. The IT support team must promptly respond to password-related issues and security incidents reported by users.
The organization shall maintain records of password change activities, including the date and time of password changes, user IDs, and any related incidents.
These records can be used for auditing purposes and investigating any security breaches or unauthorized access incidents.
6. Training and Awareness:
The organization shall conduct regular training sessions to educate users on password security best practices.
Users should be informed about the importance of regularly changing passwords and the consequences of weak password practices.
The organization shall provide resources such as posters, email reminders, and intranet articles to promote password security awareness among users.
7. Review and Updates:
This SOP should be reviewed periodically, at least annually, or whenever there are significant changes to the organization's password policies or security requirements.
Updates should be made to reflect any changes in technology, industry best practices, or regulatory requirements.
End of Standard Operating Procedure.