Go to the next video →

Very few (if any) accounts should have passwords that never expire. A non-expiring password allows attackers the greatest opportunity to maintain access indefinitely if they are undetected by other means. If an account requires a static password make sure it is extremely long, complex and random to help protect from brute-force attacks.

From the list on the left, find “No. of users with passwords that never expire,” click on it to highlight the selection, and click the “>” arrow to move it to the selection field (Optional: select the color of the chart using the drop-down menu).

Tips for interpreting this report

When enforcement of a regular password change policy starts this graph should have a downward slope from left to right.  Once the policy is in place the line should remain at a constant low level. Little if any growth is expected.  If there are minor increases, proper documentation should accompany the account without a password expiration so it is monitored more closely for abuse, or misuse. Spikes or steady growth indicate a breakdown in following the password expiration policy which should be addressed administratively.

← Go back to the intro