[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Maximum Password Age

ID: oval:org.secpod.oval:def:22558Date: (C)2015-01-07   (M)2017-11-21
Class: COMPLIANCEFamily: windows




This security setting determines the period of time (in days) that a password can be used before the system requires the user to change it. You can set passwords to expire after a number of days between 1 and 999, or you can specify that passwords never expire by setting the number of days to 0. If the maximum password age is between 1 and 999 days, the Minimum password age must be less than the maximum password age. If the maximum password age is set to 0, the minimum password age can be any value between 0 and 998 days. Note: It is a security best practice to have passwords expire every 30 to 90 days, depending on your environment. This way, an attacker has a limited amount of time in which to crack a user's password and have access to your network resources. Default: 42. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy!Maximum password age (2) WMI: ###

Platform:
Microsoft Windows 8.1
Reference:
CCE-34907-6
CPE    1
cpe:/o:microsoft:windows_8.1
CCE    1
CCE-34907-6
XCCDF    6
xccdf_org.secpod_benchmark_ISO27001_Windows_8_1
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_8_1
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_8_1
xccdf_org.secpod_benchmark_general_Windows_8_1
...

© 2013 SecPod Technologies