STIGQter: STIG Summary: Windows 10 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:

Accounts must be configured to require password expiration.

DISA Rule

SV-220716r569187_rule

Vulnerability Number

V-220716

Group Title

SRG-OS-000076-GPOS-00044

Rule Version

WN10-00-000090

Severity

CAT II

CCI(s)

CCI-000199 - The information system enforces maximum password lifetime restrictions.

Weight

Fix Recommendation

Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double click each active account.
Ensure "Password never expires" is not checked on all active accounts.

Check Contents

Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double click each active account.

If "Password never expires" is selected for any account, this is a finding.

Vulnerability Number

V-220716

Documentable

False

Rule Version

WN10-00-000090

Severity Override Guidance

Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double click each active account.

If "Password never expires" is selected for any account, this is a finding.

Check Content Reference

Target Key

4072

Accounts must be configured to require password expiration.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments