Accounts must be configured to require password expiration.

An XCCDF Rule

Description

Passwords that do not expire increase exposure with a greater probability of being discovered or cracked.

ID: SV-220716r1038967_rule
Version: WN10-00-000090
Severity: Medium
References: CCI-000199 CCI-000199 CCI-004066
Updated: about 2 months ago

Remediation Templates

Configure all passwords to expire.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Users.
Double-click each active account.
Ensure "Password never expires" is not checked on all active accounts.