[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77986

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Specify the 'Domain member: Maximum machine account password age' (Max: 999 days)

ID: oval:org.secpod.oval:def:36532Date: (C)2016-08-05   (M)2017-10-13
Class: COMPLIANCEFamily: windows




This policy setting determines the maximum allowable age for a computer account password. By default, domain members automatically change their domain passwords every 30 days. If you increase this interval significantly or set it to 0 so that the computers no longer change their passwords, an attacker would have more time to undertake a brute force attack against one of the computer accounts. Counter Measure: Configure the Domain member: Maximum machine account password age setting to 30 days. Potential Impact: None. This is the default configuration. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age (2) REG: ### (3) WMI: ###

Platform:
Microsoft Windows 10
Reference:
CCE-41710-5
CCE    1
CCE-41710-5
XCCDF    4
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© 2013 SecPod Technologies