CCE-37622-8| Platform: cpe:/o:microsoft:windows_server_2012::r2 | Date: (C)2015-10-08 (M)2023-07-14 |
Interactive logon: Prompt user to change password before expiration
This policy setting determines how far in advance users are warned that their password will expire. Microsoft recommends that you configure this policy setting to 14 days to sufficiently warn users when their passwords will expire.
Parameter:
[days]
Technical Mechanism:
(1) GPO: Computer ConfigurationWindows SettingsSecurity SettingsLocal PoliciesSecurity Options!Interactive logon: Prompt user to change password before expiration
(2) REG: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon!passwordexpirywarning
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 3.7 | Attack Vector: NETWORK |
| Exploit Score: 2.2 | Attack Complexity: HIGH |
| Impact Score: 1.4 | Privileges Required: NONE |
| Severity: LOW | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L | Scope: UNCHANGED |
| | Confidentiality: NONE |
| | Integrity: NONE |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:22772 |
