[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108530

 
 

909

 
 

85343

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

Specify the 'Domain member: Maximum machine account password age' (Max: 999 days)

ID: oval:org.secpod.oval:def:36532Date: (C)2016-08-05   (M)2018-05-11
Class: COMPLIANCEFamily: windows




This policy setting determines the maximum allowable age for a computer account password. By default, domain members automatically change their domain passwords every 30 days. If you increase this interval significantly or set it to 0 so that the computers no longer change their passwords, an attacker would have more time to undertake a brute force attack against one of the computer accounts. Counter Measure: Configure the Domain member: Maximum machine account password age setting to 30 days. Potential Impact: None. This is the default configuration. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Domain member: Maximum machine account password age (2) REG: ### (3) WMI: ###

Platform:
Microsoft Windows 10
Reference:
CCE-41710-5
CCE    1
CCE-41710-5
XCCDF    6
xccdf_org.secpod_benchmark_SecPod_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
...

© SecPod Technologies