CCE-44436-4| Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Turn off Password Manager'
This setting lets you decide whether employees can save their passwords locally, using Password Manager.
Turning this setting on, or not configuring it, lets your employees use Password Manager.
Turning this setting off stops your employees from using Password Manager.
Counter Measure:
Disable this setting.
Potential Impact:
Users cannot store their password and need to provide it each time they sign onto their device.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsMicrosoft EdgeTurn off Password Manager
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftMicrosoftEdgeMainFormSuggest Passwords
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.0 | Attack Vector: LOCAL |
| Exploit Score: 1.0 | Attack Complexity: HIGH |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35450 |
