This is because users can access, alter or configure the operating system if they have the appropriate privileges. For this reason, the users that access an operating system need to be monitored and if need be restricted to what they can do. This can be done through Group Policy. To control access, the administrators should provide a user account system that only users with account names and account passwords can access the system (Center for internet security, 2012). Setting of maximum password age can help in avoiding unauthorized access, password age refers to the time which a certain password can be used before being changed. This is done because most passwords can be cracked over time, the more often you change passwords the harder it is to crack them. The operating system requires users to create a new password every time they want to change an old password; this is to prevent re-using of old passwords that could be mastered by unauthorized users access the system. Minimum lengths for passwords should be set to be fourteen or more characters, this is because it is harder to crack long passwords as opposed to shorter