[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-44880-3

Platform: win2016Date: (C)2017-08-03   (M)2017-10-16



"Do not allow passwords to be saved" This policy setting helps prevent Terminal Services clients from saving passwords on a computer. Note If this policy setting was previously configured as Disabled or Not configured, any previously saved passwords will be deleted the first time a Terminal Services client disconnects from any server. Vulnerability: An attacker with physical access to the computer may be able to break the protection guarding saved passwords. An attacker who compromises a user's account and connects to their computer could use saved passwords to gain access to additional hosts. Counter Measure: Enable this setting. Potential Impact: If you enable this policy setting, the password saving checkbox is disabled for Terminal Services clients and users will not be able to save passwords.


Parameter: DisablePasswordSaving


Technical Mechanism: Fix: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Connection Client (2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!DisablePasswordSaving

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:40314


OVAL    1
oval:org.secpod.oval:def:40314
XCCDF    3
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016

© 2013 SecPod Technologies