Reversible Password EncryptionID: oval:org.secpod.oval:def:22810 | Date: (C)2015-01-07 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
This policy setting determines whether the operating system stores passwords in a way that uses reversible encryption, which provides support for application protocols that require knowledge of the user's password for authentication purposes. Passwords that are stored with reversible encryption are essentially the same as plaintext versions of the passwords.
This policy setting determines whether the operating system stores passwords in a way that uses reversible encryption, which provides support for application protocols that require knowledge of the user's password for authentication purposes.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy!Reversible Password Encryption
(2) WMI: root\rsop\computer#RSOP_SecuritySettingBoolean#Setting#KeyName = 'ClearTextPassword' And precedence=1
Platform: |
Microsoft Windows Server 2012 R2 |