[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Accounts: Limit local account use of blank passwords to console logon only

ID: oval:gov.nist.usgcb.windowsseven:def:52Date: (C)2012-04-13   (M)2017-10-21
Class: COMPLIANCEFamily: windows




This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard. Default: Enabled. Warning: Computers that are not in physically secure locations should always enforce strong password policies for all local user accounts. Otherwise, anyone with physical access to the computer can log on by using a user account that does not have a password. This is especially important for portable computers. If you apply this security policy to the Everyone group, no one will be able to log on through Remote Desktop Services. Notes This setting does not affect logons that use domain accounts. It is possible for applications that use remote interactive logons to bypass this setting. Note: Remote Desktop Services was called Terminal Services in previous versions of Windows Server. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Accounts: Limit local account use of blank passwords to console logon only (2) REG: HKEY_LOCAL_MACHINE\System\Currentcontrolset\Control\Lsa!Limitblankpassworduse

Platform:
Microsoft Windows 7
Reference:
CCE-9418-5
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9418-5
XCCDF    10
xccdf_org.secpod_benchmark_cip_std_ver3_Windows_7
xccdf_hippa_benchmark_Windows_7
xccdf_org.secpod_benchmark_ISO27001_Windows_7
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_7
...

© 2013 SecPod Technologies