WN12-AC-000005 – The maximum password age must meet requirements.

Details

The longer a password is in use, the greater the opportunity for someone to gain unauthorized knowledge of the passwords. Scheduled changing of passwords hinders the ability of unauthorized system users to crack passwords and gain access to a system.

Solution

Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy -> ‘Maximum password age’ to ’60’ days or less (excluding ‘0’ which is unacceptable).

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Windows.

References

800-53|IA-5(1)(d)
CAT|II
CCI|CCI-000199
Rule-ID|SV-226060r794295_rule
STIG-ID|WN12-AC-000005
STIG-Legacy|SV-52851
STIG-Legacy|V-1104
Vuln-ID|V-226060

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles