Hardening Windows Audit Policy
Enforce password history – 24
Maximum Password Age – 42 days
Minimum Password Age –2 days
Minimum password length – 8 characters
Password Complexity – Enable
Store Password using Reversible Encryption for all Users in the Domain – Disable
Account Lockout Duration – 30 minutes
Account Lockout Threshold – 5 attempts
Reset Account Lockout Counter – 30 minutes
Enforce User Logon Restrictions – Enable
Maximum Lifetime for Service Ticket – 600 minutes
Maximum Lifetime for User Ticket – 8 hours
Maximum Lifetime for User Ticket Renewal – 7 days
Maximum Tolerance for Computer Clock Synchronization – 5 minutes