The Windows 2000 Local Security Policy Defines how passwords behave. You can improve system security by configuring passwords to expire periodically and making users specify new ones, increasing the required length of a password, and specifying whether failed login attempts disable a user's account. Click on the Start button, point to Settings, and click on Control Panel. Double-click on 'Administrative Tools' then 'Local Security Policy'. In the 'Security Settings' folder, look in the 'Accounts Policy' section to get to the 'Password Policy' settings.