Accounts must be configured to require password expiration.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>Passwords that do not expire increase exposure with a greater probability of being discovered or cracked.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-220716r1016404_rule
Severity: Medium
References: CCI-000199 CCI-000199 CCI-004066
Updated: 16 days ago

Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double-click each active account.
Ensure "Password never expires" is not checked on all active accounts.

Accounts must be configured to require password expiration.

Description

Remediation - Manual Procedure