[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98218

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Specify the 'Minimum password age' (Max: 86227200 minutes, i.e 998 days)

ID: oval:org.secpod.oval:def:36551Date: (C)2016-08-05   (M)2017-10-23
Class: COMPLIANCEFamily: windows




This policy setting determines the number of days that you must use a password before you can change it. The range of values for this policy setting is between 1 and 999 days. (You may also set the value to 0 to allow immediate password changes.) The default value for this setting is 0 days. Counter Measure: Configure the Minimum password age setting to a value of at least 2 days. Users should know about this limitation and contact the help desk if they need to change their password during that 2-day period. If you configure the number of days to 0, immediate password changes would be allowed, which we do not recommend. When configuring this setting you should also configure the Maximum password age to a value that makes sense in combination with this one. Potential Impact: If an administrator sets a password for a user but wants that user to change the password when the user first logs on, the administrator must select the User must change password at next logon check box, or the user will not be able to change the password until the next day. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy\Minimum password age (2) REG: ### (3) WMI: root\rsop\computer RSOP_SecuritySettingNumeric Setting KeyName = 'MinimumPasswordAge' And precedence=1

Platform:
Microsoft Windows 10
Reference:
CCE-41953-1
CCE    1
CCE-41953-1
XCCDF    4
xccdf_org.secpod_benchmark_general_Windows_10
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
...

© 2013 SecPod Technologies