SV-226291r569184_rule
V-226291
SRG-OS-000480-GPOS-00227
WN12-SO-000025
CAT III
10
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> "Interactive Logon: Prompt user to change password before expiration" to "14" days or more.
If the following registry value does not exist or is not configured as specified, this is a finding:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Value Name: PasswordExpiryWarning
Value Type: REG_DWORD
Value: 14 (or greater)
V-226291
False
WN12-SO-000025
If the following registry value does not exist or is not configured as specified, this is a finding:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
Value Name: PasswordExpiryWarning
Value Type: REG_DWORD
Value: 14 (or greater)
M
4217